386 lines
76 KiB
Plaintext
386 lines
76 KiB
Plaintext
# Title: PUP Domains Snort3 Ruleset
|
|
# Description: Block domains that host potentially unwanted programs (PUP)
|
|
# Updated: Sat, 08 Jan 2022 00:02:28 +0000
|
|
# Expires: 1 day (update frequency)
|
|
# Homepage: https://gitlab.com/curben/pup-filter
|
|
# License: https://gitlab.com/curben/pup-filter#license
|
|
# Source: https://github.com/zhouhanc/malware-discoverer
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"abc-news.online",nocase; classtype:web-application-activity; sid:300000001; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"adverify.cloud",nocase; classtype:web-application-activity; sid:300000002; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"adverify.me",nocase; classtype:web-application-activity; sid:300000003; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"aikoo.club",nocase; classtype:web-application-activity; sid:300000004; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"am-harder-stock-corn.xyz",nocase; classtype:web-application-activity; sid:300000005; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"amobil.online",nocase; classtype:web-application-activity; sid:300000006; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"android-browser.live",nocase; classtype:web-application-activity; sid:300000007; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"android-web.live",nocase; classtype:web-application-activity; sid:300000008; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"aphicus.xyz",nocase; classtype:web-application-activity; sid:300000009; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"appsto.cloud",nocase; classtype:web-application-activity; sid:300000010; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"appzfirer.biz",nocase; classtype:web-application-activity; sid:300000011; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"arre.work",nocase; classtype:web-application-activity; sid:300000012; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"auto-car-search.site",nocase; classtype:web-application-activity; sid:300000013; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"auto-insurance-search.site",nocase; classtype:web-application-activity; sid:300000014; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"axisradio.ca",nocase; classtype:web-application-activity; sid:300000015; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"be-n9lnns3n-ok.live",nocase; classtype:web-application-activity; sid:300000016; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"be-us-auto-loans-ok.live",nocase; classtype:web-application-activity; sid:300000017; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"be-us-cars-for-seniors-ok.live",nocase; classtype:web-application-activity; sid:300000018; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"be-us-exercise-bikes-ok.live",nocase; classtype:web-application-activity; sid:300000019; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"beautinow.nl",nocase; classtype:web-application-activity; sid:300000020; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bednarmoore.icu",nocase; classtype:web-application-activity; sid:300000021; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"best10hot.website",nocase; classtype:web-application-activity; sid:300000022; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bkk755.biz",nocase; classtype:web-application-activity; sid:300000023; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bleu-bonheur.fr",nocase; classtype:web-application-activity; sid:300000024; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"blogphoneapplication.online",nocase; classtype:web-application-activity; sid:300000025; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"bluetiger.cloud",nocase; classtype:web-application-activity; sid:300000026; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upheavily-bestquickfile.best",nocase; classtype:web-application-activity; sid:300000027; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upheavily-bestsophisticatedfile.best",nocase; classtype:web-application-activity; sid:300000028; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"boot-upsophisticated-bestoverlyfile.best",nocase; classtype:web-application-activity; sid:300000029; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"cautelous132.xyz",nocase; classtype:web-application-activity; sid:300000030; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"center-plains.xyz",nocase; classtype:web-application-activity; sid:300000031; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"center-planet.xyz",nocase; classtype:web-application-activity; sid:300000032; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"center1crater.xyz",nocase; classtype:web-application-activity; sid:300000033; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"center1plains.xyz",nocase; classtype:web-application-activity; sid:300000034; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"center1sky.xyz",nocase; classtype:web-application-activity; sid:300000035; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"center1star.xyz",nocase; classtype:web-application-activity; sid:300000036; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"center7mountain.xyz",nocase; classtype:web-application-activity; sid:300000037; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"center7ocean.xyz",nocase; classtype:web-application-activity; sid:300000038; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"center7planet.xyz",nocase; classtype:web-application-activity; sid:300000039; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"center7sky.xyz",nocase; classtype:web-application-activity; sid:300000040; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"centeracoast.xyz",nocase; classtype:web-application-activity; sid:300000041; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"centeramountain.xyz",nocase; classtype:web-application-activity; sid:300000042; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"centerastar.xyz",nocase; classtype:web-application-activity; sid:300000043; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"centeravolcano.xyz",nocase; classtype:web-application-activity; sid:300000044; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"champion.rest",nocase; classtype:web-application-activity; sid:300000045; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"chatverse.net",nocase; classtype:web-application-activity; sid:300000046; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"chipovysta.pro",nocase; classtype:web-application-activity; sid:300000047; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"claimrewards.rest",nocase; classtype:web-application-activity; sid:300000048; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"coatofarms.nyc",nocase; classtype:web-application-activity; sid:300000049; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"conndickens.icu",nocase; classtype:web-application-activity; sid:300000050; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"connecttheupgradingurls.work",nocase; classtype:web-application-activity; sid:300000051; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"consumerprotectioncybersecurity.org",nocase; classtype:web-application-activity; sid:300000052; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"country-news.live",nocase; classtype:web-application-activity; sid:300000053; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"craftstash.us",nocase; classtype:web-application-activity; sid:300000054; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"crazyprize.buzz",nocase; classtype:web-application-activity; sid:300000055; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"crowdweightyellow.top",nocase; classtype:web-application-activity; sid:300000056; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"curfiositystream.com",nocase; classtype:web-application-activity; sid:300000057; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"curiositydstream.com",nocase; classtype:web-application-activity; sid:300000058; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"curuiositystream.com",nocase; classtype:web-application-activity; sid:300000059; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dailymoneysaver.money",nocase; classtype:web-application-activity; sid:300000060; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dailyrep.net",nocase; classtype:web-application-activity; sid:300000061; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"darkview.org",nocase; classtype:web-application-activity; sid:300000062; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dayinlife.net",nocase; classtype:web-application-activity; sid:300000063; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dealsify.net",nocase; classtype:web-application-activity; sid:300000064; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"downansurface.top",nocase; classtype:web-application-activity; sid:300000065; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dpakweoz.info",nocase; classtype:web-application-activity; sid:300000066; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"dutycalls.shop",nocase; classtype:web-application-activity; sid:300000067; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoy-asteroid.xyz",nocase; classtype:web-application-activity; sid:300000068; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoy-coast.xyz",nocase; classtype:web-application-activity; sid:300000069; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoy-sea.xyz",nocase; classtype:web-application-activity; sid:300000070; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoy-star.xyz",nocase; classtype:web-application-activity; sid:300000071; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoy1mountain.xyz",nocase; classtype:web-application-activity; sid:300000072; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoy1ocean.xyz",nocase; classtype:web-application-activity; sid:300000073; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoy1volcano.xyz",nocase; classtype:web-application-activity; sid:300000074; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoy7asteroid.xyz",nocase; classtype:web-application-activity; sid:300000075; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoy7crater.xyz",nocase; classtype:web-application-activity; sid:300000076; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoy7mountain.xyz",nocase; classtype:web-application-activity; sid:300000077; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoyacoast.xyz",nocase; classtype:web-application-activity; sid:300000078; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoyacrater.xyz",nocase; classtype:web-application-activity; sid:300000079; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoyaocean.xyz",nocase; classtype:web-application-activity; sid:300000080; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoyasky.xyz",nocase; classtype:web-application-activity; sid:300000081; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoyastar.xyz",nocase; classtype:web-application-activity; sid:300000082; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"enjoyavolcano.xyz",nocase; classtype:web-application-activity; sid:300000083; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"euronordvpn.com",nocase; classtype:web-application-activity; sid:300000084; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"evaing.live",nocase; classtype:web-application-activity; sid:300000085; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"expatriates.pk",nocase; classtype:web-application-activity; sid:300000086; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"exploreshops.net",nocase; classtype:web-application-activity; sid:300000087; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastfactsonline.co",nocase; classtype:web-application-activity; sid:300000088; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastspinc.xyz",nocase; classtype:web-application-activity; sid:300000089; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastspinf.xyz",nocase; classtype:web-application-activity; sid:300000090; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fastwebb.xyz",nocase; classtype:web-application-activity; sid:300000091; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"findanswersnow.net",nocase; classtype:web-application-activity; sid:300000092; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"findaupgradingurls.work",nocase; classtype:web-application-activity; sid:300000093; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"fireapps.cloud",nocase; classtype:web-application-activity; sid:300000094; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"forwardcutwere.top",nocase; classtype:web-application-activity; sid:300000095; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"foundnow.net",nocase; classtype:web-application-activity; sid:300000096; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"funspine.xyz",nocase; classtype:web-application-activity; sid:300000097; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"galaxywin.xyz",nocase; classtype:web-application-activity; sid:300000098; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"getbitly.pro",nocase; classtype:web-application-activity; sid:300000099; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"getvideoabc.ru",nocase; classtype:web-application-activity; sid:300000100; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"getvideoall.ru",nocase; classtype:web-application-activity; sid:300000101; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"global-track.space",nocase; classtype:web-application-activity; sid:300000102; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"golddellifewonder.rest",nocase; classtype:web-application-activity; sid:300000103; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"grantaidauthority.site",nocase; classtype:web-application-activity; sid:300000104; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"harveybernhard.icu",nocase; classtype:web-application-activity; sid:300000105; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthfactor.io",nocase; classtype:web-application-activity; sid:300000106; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"healthnfitness.site",nocase; classtype:web-application-activity; sid:300000107; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"help4.info",nocase; classtype:web-application-activity; sid:300000108; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"huge2upgradescentral.work",nocase; classtype:web-application-activity; sid:300000109; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"humansystemsecurity.top",nocase; classtype:web-application-activity; sid:300000110; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"iiuss.biz",nocase; classtype:web-application-activity; sid:300000111; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiatecompletelyprecisethefile.vip",nocase; classtype:web-application-activity; sid:300000112; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiatecompletelyprogressivethefile.vip",nocase; classtype:web-application-activity; sid:300000113; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiatecompletelyspeedythefile.vip",nocase; classtype:web-application-activity; sid:300000114; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiategreatlyfreethefile.vip",nocase; classtype:web-application-activity; sid:300000115; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiategreatlyrecentthefile.vip",nocase; classtype:web-application-activity; sid:300000116; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiateprogressivecompletelythefile.vip",nocase; classtype:web-application-activity; sid:300000117; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiaterecentgreatlythefile.vip",nocase; classtype:web-application-activity; sid:300000118; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiatesophisticatedcompletelythefile.vip",nocase; classtype:web-application-activity; sid:300000119; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"initiateswiftcompletelythefile.vip",nocase; classtype:web-application-activity; sid:300000120; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"installcurrentintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000121; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"installhighlyrefinedthefile.vip",nocase; classtype:web-application-activity; sid:300000122; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"installintenselyoriginalthefile.vip",nocase; classtype:web-application-activity; sid:300000123; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"installintenselyrefinedthefile.vip",nocase; classtype:web-application-activity; sid:300000124; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"installoverlylatestthefile.vip",nocase; classtype:web-application-activity; sid:300000125; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"installoverlynewestthefile.vip",nocase; classtype:web-application-activity; sid:300000126; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"installprecisehighlythefile.vip",nocase; classtype:web-application-activity; sid:300000127; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"installprogressiveintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000128; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"installrecentoverlythefile.vip",nocase; classtype:web-application-activity; sid:300000129; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"installstronghighlythefile.vip",nocase; classtype:web-application-activity; sid:300000130; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ipaint.us",nocase; classtype:web-application-activity; sid:300000131; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"it-is.cool",nocase; classtype:web-application-activity; sid:300000132; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"joyspotmap.xyz",nocase; classtype:web-application-activity; sid:300000133; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"juicydataadvance.ru",nocase; classtype:web-application-activity; sid:300000134; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"juicydataage.ru",nocase; classtype:web-application-activity; sid:300000135; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"juicydataair.ru",nocase; classtype:web-application-activity; sid:300000136; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"juicydataalt.ru",nocase; classtype:web-application-activity; sid:300000137; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaautumna.xyz",nocase; classtype:web-application-activity; sid:300000138; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaautumnb.xyz",nocase; classtype:web-application-activity; sid:300000139; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaautumnc.xyz",nocase; classtype:web-application-activity; sid:300000140; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaautumnd.xyz",nocase; classtype:web-application-activity; sid:300000141; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaautumne.xyz",nocase; classtype:web-application-activity; sid:300000142; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaautumnf.xyz",nocase; classtype:web-application-activity; sid:300000143; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaspringa.xyz",nocase; classtype:web-application-activity; sid:300000144; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaspringb.xyz",nocase; classtype:web-application-activity; sid:300000145; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaspringc.xyz",nocase; classtype:web-application-activity; sid:300000146; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaspringd.xyz",nocase; classtype:web-application-activity; sid:300000147; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaspringe.xyz",nocase; classtype:web-application-activity; sid:300000148; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalaspringf.xyz",nocase; classtype:web-application-activity; sid:300000149; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalasummera.xyz",nocase; classtype:web-application-activity; sid:300000150; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalasummerc.xyz",nocase; classtype:web-application-activity; sid:300000151; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalasummerd.xyz",nocase; classtype:web-application-activity; sid:300000152; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalasummere.xyz",nocase; classtype:web-application-activity; sid:300000153; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalasummerf.xyz",nocase; classtype:web-application-activity; sid:300000154; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalawintera.xyz",nocase; classtype:web-application-activity; sid:300000155; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalawinterb.xyz",nocase; classtype:web-application-activity; sid:300000156; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalawinterc.xyz",nocase; classtype:web-application-activity; sid:300000157; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalawinterd.xyz",nocase; classtype:web-application-activity; sid:300000158; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"koalawintere.xyz",nocase; classtype:web-application-activity; sid:300000159; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"link4updatingcentral.work",nocase; classtype:web-application-activity; sid:300000160; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"lltrsknoob.click",nocase; classtype:web-application-activity; sid:300000161; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"louisvillegigs.net",nocase; classtype:web-application-activity; sid:300000162; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"lubbockeda.org",nocase; classtype:web-application-activity; sid:300000163; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"lucky-worldwide-prize-random.rest",nocase; classtype:web-application-activity; sid:300000164; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"luckyworldwideprizerandom.rest",nocase; classtype:web-application-activity; sid:300000165; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"makingbettermoney.co",nocase; classtype:web-application-activity; sid:300000166; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"marketloans.net",nocase; classtype:web-application-activity; sid:300000167; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mazestation.games",nocase; classtype:web-application-activity; sid:300000168; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mistvideo.ru",nocase; classtype:web-application-activity; sid:300000169; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobi1crater.xyz",nocase; classtype:web-application-activity; sid:300000170; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobi1mountain.xyz",nocase; classtype:web-application-activity; sid:300000171; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobi1planet.xyz",nocase; classtype:web-application-activity; sid:300000172; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobi7sea.xyz",nocase; classtype:web-application-activity; sid:300000173; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobi7sky.xyz",nocase; classtype:web-application-activity; sid:300000174; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobi7volcano.xyz",nocase; classtype:web-application-activity; sid:300000175; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobiacrater.xyz",nocase; classtype:web-application-activity; sid:300000176; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobiaocean.xyz",nocase; classtype:web-application-activity; sid:300000177; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobiaplanet.xyz",nocase; classtype:web-application-activity; sid:300000178; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobiastar.xyz",nocase; classtype:web-application-activity; sid:300000179; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobiavolcano.xyz",nocase; classtype:web-application-activity; sid:300000180; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mobyfox.shop",nocase; classtype:web-application-activity; sid:300000181; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"mybesthealthplan.org",nocase; classtype:web-application-activity; sid:300000182; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"nettrafficpartners.net",nocase; classtype:web-application-activity; sid:300000183; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"news-daluku.cc",nocase; classtype:web-application-activity; sid:300000184; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"newsinformer.net",nocase; classtype:web-application-activity; sid:300000185; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"nordvpnhosting.com",nocase; classtype:web-application-activity; sid:300000186; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"octonew.me",nocase; classtype:web-application-activity; sid:300000187; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"offerpage.link",nocase; classtype:web-application-activity; sid:300000188; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"offersearch.info",nocase; classtype:web-application-activity; sid:300000189; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"paint-lion-history-loud.xyz",nocase; classtype:web-application-activity; sid:300000190; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaautumna.xyz",nocase; classtype:web-application-activity; sid:300000191; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaautumnb.xyz",nocase; classtype:web-application-activity; sid:300000192; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaautumnc.xyz",nocase; classtype:web-application-activity; sid:300000193; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaautumnd.xyz",nocase; classtype:web-application-activity; sid:300000194; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaautumnf.xyz",nocase; classtype:web-application-activity; sid:300000195; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaspringa.xyz",nocase; classtype:web-application-activity; sid:300000196; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaspringb.xyz",nocase; classtype:web-application-activity; sid:300000197; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaspringc.xyz",nocase; classtype:web-application-activity; sid:300000198; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaspringd.xyz",nocase; classtype:web-application-activity; sid:300000199; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaspringe.xyz",nocase; classtype:web-application-activity; sid:300000200; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandaspringf.xyz",nocase; classtype:web-application-activity; sid:300000201; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandasummera.xyz",nocase; classtype:web-application-activity; sid:300000202; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandasummerc.xyz",nocase; classtype:web-application-activity; sid:300000203; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandasummerd.xyz",nocase; classtype:web-application-activity; sid:300000204; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandasummere.xyz",nocase; classtype:web-application-activity; sid:300000205; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandasummerf.xyz",nocase; classtype:web-application-activity; sid:300000206; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandawintera.xyz",nocase; classtype:web-application-activity; sid:300000207; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandawinterb.xyz",nocase; classtype:web-application-activity; sid:300000208; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandawinterc.xyz",nocase; classtype:web-application-activity; sid:300000209; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandawinterd.xyz",nocase; classtype:web-application-activity; sid:300000210; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandawintere.xyz",nocase; classtype:web-application-activity; sid:300000211; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"pandawinterf.xyz",nocase; classtype:web-application-activity; sid:300000212; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"people-around.me",nocase; classtype:web-application-activity; sid:300000213; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performhighlyspeedythefile.vip",nocase; classtype:web-application-activity; sid:300000214; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performhighlyswiftthefile.vip",nocase; classtype:web-application-activity; sid:300000215; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"performrefinedoverlythefile.vip",nocase; classtype:web-application-activity; sid:300000216; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"peterhahn.be",nocase; classtype:web-application-activity; sid:300000217; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"phoneapplicationmap.top",nocase; classtype:web-application-activity; sid:300000218; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"phonesecuritymagic.top",nocase; classtype:web-application-activity; sid:300000219; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"placefortheupgradesset.work",nocase; classtype:web-application-activity; sid:300000220; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"placespina.xyz",nocase; classtype:web-application-activity; sid:300000221; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playautumna.xyz",nocase; classtype:web-application-activity; sid:300000222; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playautumnb.xyz",nocase; classtype:web-application-activity; sid:300000223; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playautumnc.xyz",nocase; classtype:web-application-activity; sid:300000224; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playautumnd.xyz",nocase; classtype:web-application-activity; sid:300000225; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playautumne.xyz",nocase; classtype:web-application-activity; sid:300000226; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playautumnf.xyz",nocase; classtype:web-application-activity; sid:300000227; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playplanete.xyz",nocase; classtype:web-application-activity; sid:300000228; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspringa.xyz",nocase; classtype:web-application-activity; sid:300000229; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspringb.xyz",nocase; classtype:web-application-activity; sid:300000230; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspringc.xyz",nocase; classtype:web-application-activity; sid:300000231; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspringd.xyz",nocase; classtype:web-application-activity; sid:300000232; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playspringe.xyz",nocase; classtype:web-application-activity; sid:300000233; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playsummera.xyz",nocase; classtype:web-application-activity; sid:300000234; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playsummerb.xyz",nocase; classtype:web-application-activity; sid:300000235; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playsummerc.xyz",nocase; classtype:web-application-activity; sid:300000236; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playsummere.xyz",nocase; classtype:web-application-activity; sid:300000237; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playsummerf.xyz",nocase; classtype:web-application-activity; sid:300000238; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playwintera.xyz",nocase; classtype:web-application-activity; sid:300000239; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playwinterb.xyz",nocase; classtype:web-application-activity; sid:300000240; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playwinterc.xyz",nocase; classtype:web-application-activity; sid:300000241; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playwinterd.xyz",nocase; classtype:web-application-activity; sid:300000242; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playwintere.xyz",nocase; classtype:web-application-activity; sid:300000243; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"playwinterf.xyz",nocase; classtype:web-application-activity; sid:300000244; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"premium-news-for.me",nocase; classtype:web-application-activity; sid:300000245; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"premium-shops-around.me",nocase; classtype:web-application-activity; sid:300000246; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"press-news-for.me",nocase; classtype:web-application-activity; sid:300000247; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"producthunter.club",nocase; classtype:web-application-activity; sid:300000248; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"profitablesurvey.site",nocase; classtype:web-application-activity; sid:300000249; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"profitsurvey.live",nocase; classtype:web-application-activity; sid:300000250; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"promotionclaim.rest",nocase; classtype:web-application-activity; sid:300000251; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"protect-ios.com",nocase; classtype:web-application-activity; sid:300000252; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"qfind.net",nocase; classtype:web-application-activity; sid:300000253; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"quizshein.shop",nocase; classtype:web-application-activity; sid:300000254; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rancy.xyz",nocase; classtype:web-application-activity; sid:300000255; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"randompromotion.rest",nocase; classtype:web-application-activity; sid:300000256; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"real-buy.net",nocase; classtype:web-application-activity; sid:300000257; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rehab-centers-here-now.site",nocase; classtype:web-application-activity; sid:300000258; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"restorerefinedsuperthefile.vip",nocase; classtype:web-application-activity; sid:300000259; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"restoresuperspeedythefile.vip",nocase; classtype:web-application-activity; sid:300000260; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rewardgivingrealspecialoffer.cyou",nocase; classtype:web-application-activity; sid:300000261; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"richsurvey.live",nocase; classtype:web-application-activity; sid:300000262; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"robogarden.io",nocase; classtype:web-application-activity; sid:300000263; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"runadvanced-bestgreatlyfile.best",nocase; classtype:web-application-activity; sid:300000264; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"rungreatly-bestadvancedfile.best",nocase; classtype:web-application-activity; sid:300000265; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"ryknxj.top",nocase; classtype:web-application-activity; sid:300000266; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"safeguide.net",nocase; classtype:web-application-activity; sid:300000267; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"seaplaytoo.top",nocase; classtype:web-application-activity; sid:300000268; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"search-zero1.online",nocase; classtype:web-application-activity; sid:300000269; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"searchmgr.online",nocase; classtype:web-application-activity; sid:300000270; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"searchoffers.info",nocase; classtype:web-application-activity; sid:300000271; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"secureyounow.live",nocase; classtype:web-application-activity; sid:300000272; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"selectedlab.buzz",nocase; classtype:web-application-activity; sid:300000273; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sendnow.us",nocase; classtype:web-application-activity; sid:300000274; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"shopadvisors.net",nocase; classtype:web-application-activity; sid:300000275; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"shopin.nyc",nocase; classtype:web-application-activity; sid:300000276; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"shopnsave.world",nocase; classtype:web-application-activity; sid:300000277; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sightcottonreply.top",nocase; classtype:web-application-activity; sid:300000278; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"smartuv.shop",nocase; classtype:web-application-activity; sid:300000279; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"software-dealz.de",nocase; classtype:web-application-activity; sid:300000280; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sonic-ocean.xyz",nocase; classtype:web-application-activity; sid:300000281; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sonic-plains.xyz",nocase; classtype:web-application-activity; sid:300000282; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sonic1asteroid.xyz",nocase; classtype:web-application-activity; sid:300000283; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sonic1coast.xyz",nocase; classtype:web-application-activity; sid:300000284; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sonic1ocean.xyz",nocase; classtype:web-application-activity; sid:300000285; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sonic7sea.xyz",nocase; classtype:web-application-activity; sid:300000286; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sonicaasteroid.xyz",nocase; classtype:web-application-activity; sid:300000287; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sonicacrater.xyz",nocase; classtype:web-application-activity; sid:300000288; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"spotmapd.xyz",nocase; classtype:web-application-activity; sid:300000289; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"spotmapf.xyz",nocase; classtype:web-application-activity; sid:300000290; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"spotplanetc.xyz",nocase; classtype:web-application-activity; sid:300000291; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"stickr.co",nocase; classtype:web-application-activity; sid:300000292; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"storeuberspeedythefile.vip",nocase; classtype:web-application-activity; sid:300000293; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamdevelopedintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000294; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamingmadness.net",nocase; classtype:web-application-activity; sid:300000295; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamintenselyrefinedthefile.vip",nocase; classtype:web-application-activity; sid:300000296; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamintenselysophisticatedthefile.vip",nocase; classtype:web-application-activity; sid:300000297; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streampreciseintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000298; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"streamspeedyintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000299; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"subeamy.pw",nocase; classtype:web-application-activity; sid:300000300; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"surprisinglysimple.co",nocase; classtype:web-application-activity; sid:300000301; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sweetalt.ru",nocase; classtype:web-application-activity; sid:300000302; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"sweetgirls.buzz",nocase; classtype:web-application-activity; sid:300000303; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"synccurrentmostthefile.vip",nocase; classtype:web-application-activity; sid:300000304; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncnewestmostthefile.vip",nocase; classtype:web-application-activity; sid:300000305; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syncrecentintenselythefile.vip",nocase; classtype:web-application-activity; sid:300000306; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"syssysupdate.top",nocase; classtype:web-application-activity; sid:300000307; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"taboo.news",nocase; classtype:web-application-activity; sid:300000308; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"taboola.blog",nocase; classtype:web-application-activity; sid:300000309; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"techandgadgets.net",nocase; classtype:web-application-activity; sid:300000310; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thanksyoursupport.club",nocase; classtype:web-application-activity; sid:300000311; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"the-crater.xyz",nocase; classtype:web-application-activity; sid:300000312; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"the-sky.xyz",nocase; classtype:web-application-activity; sid:300000313; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"the-star.xyz",nocase; classtype:web-application-activity; sid:300000314; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"the1planet.xyz",nocase; classtype:web-application-activity; sid:300000315; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"the1star.xyz",nocase; classtype:web-application-activity; sid:300000316; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"the1volcano.xyz",nocase; classtype:web-application-activity; sid:300000317; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"the7coast.xyz",nocase; classtype:web-application-activity; sid:300000318; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"the7crater.xyz",nocase; classtype:web-application-activity; sid:300000319; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"the7plains.xyz",nocase; classtype:web-application-activity; sid:300000320; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"the7volcano.xyz",nocase; classtype:web-application-activity; sid:300000321; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"theaasteroid.xyz",nocase; classtype:web-application-activity; sid:300000322; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"theacrater.xyz",nocase; classtype:web-application-activity; sid:300000323; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"theaocean.xyz",nocase; classtype:web-application-activity; sid:300000324; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"theasky.xyz",nocase; classtype:web-application-activity; sid:300000325; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"theastar.xyz",nocase; classtype:web-application-activity; sid:300000326; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"theavolcano.xyz",nocase; classtype:web-application-activity; sid:300000327; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"theconnectvpn.com",nocase; classtype:web-application-activity; sid:300000328; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thedealexpert.net",nocase; classtype:web-application-activity; sid:300000329; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"thelastpicture.show",nocase; classtype:web-application-activity; sid:300000330; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"timefornews.online",nocase; classtype:web-application-activity; sid:300000331; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"to-an-us-dental-implants-well.live",nocase; classtype:web-application-activity; sid:300000332; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"to-us-dental-implants-wiki.live",nocase; classtype:web-application-activity; sid:300000333; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"topdating.online",nocase; classtype:web-application-activity; sid:300000334; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"trotineo.fr",nocase; classtype:web-application-activity; sid:300000335; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"truecompassion.net",nocase; classtype:web-application-activity; sid:300000336; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"truly-diet.store",nocase; classtype:web-application-activity; sid:300000337; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"updatephoneoffice.club",nocase; classtype:web-application-activity; sid:300000338; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"updateview.tech",nocase; classtype:web-application-activity; sid:300000339; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"usforeclosure.net",nocase; classtype:web-application-activity; sid:300000340; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videoau.ru",nocase; classtype:web-application-activity; sid:300000341; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videoauthor.ru",nocase; classtype:web-application-activity; sid:300000342; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videochanelace.ru",nocase; classtype:web-application-activity; sid:300000343; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videochanelact.ru",nocase; classtype:web-application-activity; sid:300000344; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videochanelair.ru",nocase; classtype:web-application-activity; sid:300000345; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videolookable.ru",nocase; classtype:web-application-activity; sid:300000346; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videolookace.ru",nocase; classtype:web-application-activity; sid:300000347; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videolookact.ru",nocase; classtype:web-application-activity; sid:300000348; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videolookalt.ru",nocase; classtype:web-application-activity; sid:300000349; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videomixable.ru",nocase; classtype:web-application-activity; sid:300000350; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videomixace.ru",nocase; classtype:web-application-activity; sid:300000351; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videomixact.ru",nocase; classtype:web-application-activity; sid:300000352; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videovoiceable.ru",nocase; classtype:web-application-activity; sid:300000353; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"videovoiceace.ru",nocase; classtype:web-application-activity; sid:300000354; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"viralsparks.io",nocase; classtype:web-application-activity; sid:300000355; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"vpn-pro.club",nocase; classtype:web-application-activity; sid:300000356; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"wallda.site",nocase; classtype:web-application-activity; sid:300000357; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"web-security.ml",nocase; classtype:web-application-activity; sid:300000358; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"webtactics.ca",nocase; classtype:web-application-activity; sid:300000359; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"west1asteroid.xyz",nocase; classtype:web-application-activity; sid:300000360; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"west1ocean.xyz",nocase; classtype:web-application-activity; sid:300000361; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"west1plains.xyz",nocase; classtype:web-application-activity; sid:300000362; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"west1sky.xyz",nocase; classtype:web-application-activity; sid:300000363; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"west1star.xyz",nocase; classtype:web-application-activity; sid:300000364; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"westaasteroid.xyz",nocase; classtype:web-application-activity; sid:300000365; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"westamountain.xyz",nocase; classtype:web-application-activity; sid:300000366; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"westaocean.xyz",nocase; classtype:web-application-activity; sid:300000367; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"westaplanet.xyz",nocase; classtype:web-application-activity; sid:300000368; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"westasea.xyz",nocase; classtype:web-application-activity; sid:300000369; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"westastar.xyz",nocase; classtype:web-application-activity; sid:300000370; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"wildermanrolfson.icu",nocase; classtype:web-application-activity; sid:300000371; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"winnerz.icu",nocase; classtype:web-application-activity; sid:300000372; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"worldtechguide.net",nocase; classtype:web-application-activity; sid:300000373; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"your-magazine.me",nocase; classtype:web-application-activity; sid:300000374; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"zalando-prive.es",nocase; classtype:web-application-activity; sid:300000375; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"zergnet.net",nocase; classtype:web-application-activity; sid:300000376; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"zerovideo.ru",nocase; classtype:web-application-activity; sid:300000377; rev:1;)
|
|
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"pup-filter PUP website detected"; http_header:field host; content:"zeusmedia.info",nocase; classtype:web-application-activity; sid:300000378; rev:1;)
|