{ "type": "Domain", "indicator": "data.name", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/data.name", "alexa": "http://www.alexa.com/siteinfo/data.name", "indicator": "data.name", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 2762224801, "indicator": "data.name", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 25, "pulses": [ { "id": "69ea02a2f2ea5e0297caa726", "name": "Malicious Checkmarx Artifacts Found in Official KICS Docker Repository and Code Extensions", "description": "Security firm Checkmarx has been the target of a serious supply chain compromise, according to researchers at the Socket Research Team and the Open Source Software (OSS) in the United States and Canada.", "modified": "2026-05-23T11:20:53.452000", "created": "2026-04-23T11:29:38.193000", "tags": [ "github", "github actions", "checkmarx", "docker", "kics image", "yaml", "socket", "docker hub", "kics", "vs code", "april", "open", "powershell", "dune", "code", "mcpaddon.js" ], "references": [ "https://socket.dev/blog/checkmarx-supply-chain-compromise" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "mcpAddon.js", "display_name": "mcpAddon.js", "target": null }, { "id": "KICS", "display_name": "KICS", "target": null } ], "attack_ids": [ { "id": "T1525", "name": "Implant Internal Image", "display_name": "T1525 - Implant Internal Image" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1195", "name": "Supply Chain Compromise", "display_name": "T1195 - Supply Chain Compromise" }, { "id": "T1134", "name": "Access Token Manipulation", "display_name": "T1134 - Access Token Manipulation" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunter_NL", "id": "171283", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_171283/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 2, "FileHash-SHA1": 4, "FileHash-SHA256": 11, "URL": 1, "domain": 1, "hostname": 2 }, "indicator_count": 21, "is_author": false, "is_subscribing": null, "subscriber_count": 863, "modified_text": "8 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d7a3f6f81dc2388c0fa027", "name": "VirusTotal report\n for flow-browser-main.zip", "description": "A sample of flow-browser-main, an unauthorised version of the web browser, has been detected by researchers at the University of California, Los Angeles, and the National Security Agency (NSA). myvzw.com after an email on ending a #", "modified": "2026-05-09T12:10:59.635000", "created": "2026-04-09T13:04:54.563000", "tags": [ "file type", "png image", "ascii", "ascii text", "java source", "json", "rgba", "creates", "crlf line", "mac os", "date", "malicious", "next", "button", "span", "edit3icon", "rotateccwicon", "xicon", "htmldivelement", "react", "saveicon", "null", "shortcutitem", "click", "zip archive", "png multimedia", "graphics" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO", "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1560", "name": "Archive Collected Data", "display_name": "T1560 - Archive Collected Data" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 218, "FileHash-MD5": 558, "FileHash-SHA1": 564, "FileHash-SHA256": 558, "URL": 119, "hostname": 133, "email": 4 }, "indicator_count": 2154, "is_author": false, "is_subscribing": null, "subscriber_count": 67, "modified_text": "22 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d7a3f683111bbbe1c9ae35", "name": "VirusTotal report\n for flow-browser-main.zip", "description": "A sample of flow-browser-main, an unauthorised version of the web browser, has been detected by researchers at the University of California, Los Angeles, and the National Security Agency (NSA). myvzw.com after an email on ending a #", "modified": "2026-05-09T12:10:59.635000", "created": "2026-04-09T13:04:54.775000", "tags": [ "file type", "png image", "ascii", "ascii text", "java source", "json", "rgba", "creates", "crlf line", "mac os", "date", "malicious", "next", "button", "span", "edit3icon", "rotateccwicon", "xicon", "htmldivelement", "react", "saveicon", "null", "shortcutitem", "click", "zip archive", "png multimedia", "graphics" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO", "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1560", "name": "Archive Collected Data", "display_name": "T1560 - Archive Collected Data" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 218, "FileHash-MD5": 558, "FileHash-SHA1": 564, "FileHash-SHA256": 558, "URL": 119, "hostname": 133, "email": 4 }, "indicator_count": 2154, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "22 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d7a3f6657dd0c212d8344a", "name": "VirusTotal report\n for flow-browser-main.zip", "description": "A sample of flow-browser-main, an unauthorised version of the web browser, has been detected by researchers at the University of California, Los Angeles, and the National Security Agency (NSA). myvzw.com after an email on ending a #", "modified": "2026-05-09T12:10:59.635000", "created": "2026-04-09T13:04:54.060000", "tags": [ "file type", "png image", "ascii", "ascii text", "java source", "json", "rgba", "creates", "crlf line", "mac os", "date", "malicious", "next", "button", "span", "edit3icon", "rotateccwicon", "xicon", "htmldivelement", "react", "saveicon", "null", "shortcutitem", "click", "zip archive", "png multimedia", "graphics" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO", "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1560", "name": "Archive Collected Data", "display_name": "T1560 - Archive Collected Data" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 217, "FileHash-MD5": 558, "FileHash-SHA1": 564, "FileHash-SHA256": 558, "URL": 118, "hostname": 133, "email": 2 }, "indicator_count": 2150, "is_author": false, "is_subscribing": null, "subscriber_count": 67, "modified_text": "22 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d7a3f511d0121d253b753d", "name": "VirusTotal report\n for flow-browser-main.zip", "description": "A sample of flow-browser-main, an unauthorised version of the web browser, has been detected by researchers at the University of California, Los Angeles, and the National Security Agency (NSA). myvzw.com after an email on ending a #", "modified": "2026-05-09T12:10:59.635000", "created": "2026-04-09T13:04:53.436000", "tags": [ "file type", "png image", "ascii", "ascii text", "java source", "json", "rgba", "creates", "crlf line", "mac os", "date", "malicious", "next", "button", "span", "edit3icon", "rotateccwicon", "xicon", "htmldivelement", "react", "saveicon", "null", "shortcutitem", "click", "zip archive", "png multimedia", "graphics" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO", "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1560", "name": "Archive Collected Data", "display_name": "T1560 - Archive Collected Data" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 224, "FileHash-MD5": 558, "FileHash-SHA1": 564, "FileHash-SHA256": 558, "URL": 140, "hostname": 166, "email": 2, "CVE": 8 }, "indicator_count": 2220, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "22 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d7a3f4d72c30f9586634b9", "name": "VirusTotal report\n for flow-browser-main.zip", "description": "A sample of flow-browser-main, an unauthorised version of the web browser, has been detected by researchers at the University of California, Los Angeles, and the National Security Agency (NSA). myvzw.com after an email on ending a #", "modified": "2026-05-09T12:10:59.635000", "created": "2026-04-09T13:04:52.444000", "tags": [ "file type", "png image", "ascii", "ascii text", "java source", "json", "rgba", "creates", "crlf line", "mac os", "date", "malicious", "next", "button", "span", "edit3icon", "rotateccwicon", "xicon", "htmldivelement", "react", "saveicon", "null", "shortcutitem", "click", "zip archive", "png multimedia", "graphics" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO", "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1560", "name": "Archive Collected Data", "display_name": "T1560 - Archive Collected Data" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 220, "FileHash-MD5": 562, "FileHash-SHA1": 566, "FileHash-SHA256": 1011, "URL": 125, "hostname": 139, "email": 4 }, "indicator_count": 2627, "is_author": false, "is_subscribing": null, "subscriber_count": 67, "modified_text": "22 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d79c38e0a059039b475ebe", "name": "CAPE Sandbox", "description": "Email today from them on my line. Very wild things happening here. trying to close my line", "modified": "2026-05-09T12:10:59.635000", "created": "2026-04-09T12:31:52.495000", "tags": [ "html document", "unicode text", "utf8 text", "crlf", "lf line", "site", "meta", "verizon", "wireless", "internet", "phone services", "official", "shop verizon", "lte network", "get fios", "title", "code", "error", "utc na", "utc google", "tag manager", "gtmw2vn2cq", "utc dc9849921", "utc dc685973", "utc g12r1dx1lx7", "utc aw647962234", "utc aw2761768", "utc aw685973", "verizon business", "verizon for business", "verizon business account", "verizon business phone", "verizon wireless for business", "verizon business service", "verizon business plan", "business internet services", "learn", "gartner", "contact", "find", "discover", "support", "close log", "shop", "upgrade", "small", "voice", "chat", "mitre attack", "network info", "program", "html page", "t1055 process", "overview", "processes extra", "overview zenbox", "verdict", "guest system", "phishing", "next", "ver2", "msclkidn", "utc amazon", "analytics na", "utc bing", "vids1", "vids0", "gdlname" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737365&Signature=S%2B7RcHYjab1hbKlKwFfvUbDirFPJS1A2TJQ3bVIObMcON4PD9pRDvhMtYMCnEBrYsICi0UJCFW5eUDolL5Jlbngsc587kF36vvuhlkPprbkSOY1jOyDTpe3Qsb6jRFz3xwOfZc9S5QervoLnRKb%2FyGSyZE6ZK6TxzBrOPczPtZ7sLf9NfD6E%2B2gMRXaRjEqVwVITLG7YqCiiNuohFOuNlK3uNHFpIk53viKvBSAIqLtSklH9bHW4q1DX", "https://www.verizon.com/business/", "https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737710&Signature=fbsokraSd7lsYmUfaTEl8Phs2K3hp7AtVmQU9axeEBcYmYbrrYrrfpP5lPEQaE%2Fh3%2BEP9Rn8mD8D1haqQVXCN0VVlxJ4sddjWmyC5USsgBsvUb0%2F72h1WHDS2KXHlteZWE%2Bauckabain9D5kX501AnqFY38s77OIqO6SMOkQ%2BvXiDSSRK%2FZhbfradBnei3ZLHsXGxkoshTyvB0%2BC%2F8SiUzdVsqSjik0Bn2r%2BIlLpDQK90GlZTD0N" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 772, "hostname": 706, "domain": 875, "FileHash-SHA256": 2348, "FileHash-MD5": 2237, "FileHash-SHA1": 2260, "CVE": 1, "email": 9 }, "indicator_count": 9208, "is_author": false, "is_subscribing": null, "subscriber_count": 67, "modified_text": "22 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d4f2dd828bbf0ac5efaa23", "name": "VirusTotal report\n for sample.crx", "description": "A small sample of malware has been identified by researchers at the University of Oregon in the US, and the results are published on the web, as well as on Google's Chrome extension and other sites.", "modified": "2026-05-07T12:05:50.774000", "created": "2026-04-07T12:04:44.957000", "tags": [ "file type", "json", "ascii text", "png image", "crlf line", "ascii", "rgba", "unicode text", "utf8 text", "defense evasion", "malicious" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 1, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 668, "FileHash-MD5": 668, "FileHash-SHA1": 675, "URL": 153, "domain": 230, "hostname": 177, "email": 2 }, "indicator_count": 2573, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "24 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d4f2db0b3448671adcce16", "name": "VirusTotal report\n for sample.crx", "description": "A small sample of malware has been identified by researchers at the University of Oregon in the US, and the results are published on the web, as well as on Google's Chrome extension and other sites.", "modified": "2026-05-07T12:05:50.774000", "created": "2026-04-07T12:04:43.156000", "tags": [ "file type", "json", "ascii text", "png image", "crlf line", "ascii", "rgba", "unicode text", "utf8 text", "defense evasion", "malicious" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 668, "FileHash-MD5": 668, "FileHash-SHA1": 675, "URL": 153, "domain": 230, "hostname": 177, "email": 2 }, "indicator_count": 2573, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "24 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d4f2d9ce86a445b484593b", "name": "VirusTotal report\n for sample.crx", "description": "A small sample of malware has been identified by researchers at the University of Oregon in the US, and the results are published on the web, as well as on Google's Chrome extension and other sites.", "modified": "2026-05-07T12:05:50.774000", "created": "2026-04-07T12:04:41.097000", "tags": [ "file type", "json", "ascii text", "png image", "crlf line", "ascii", "rgba", "unicode text", "utf8 text", "defense evasion", "malicious" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 668, "FileHash-MD5": 668, "FileHash-SHA1": 675, "URL": 153, "domain": 230, "hostname": 177, "email": 2 }, "indicator_count": 2573, "is_author": false, "is_subscribing": null, "subscriber_count": 67, "modified_text": "24 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "68adee67c08cd025b05c2ab0", "name": "Collection of Collections - Updated - Malicious Certificates & University of Alberta DataBreach - 09.15.25.25", "description": "This Pulse is an attempt to aggregate all known certificates from all sources.\n\nEncrypted Communication: The malware uses Bitcoin and Ethereum addresses for communication, allowing it to receive commands and exfiltrate data securely.\nEvasion Techniques: The malware generates long and unusual domain parts using Domain Generation Algorithms to evade detection and establish communication with its C2 server.\nData Exfiltration: The malware can exfiltrate data to cloud storage services, enabling the threat actor to steal sensitive information from the compromised system.\nRemote Access: The malware leverages bidirectional communication and system binary proxy execution techniques to enable remote access and control over the infected system.\nIngress Tool Transfer: The malware downloads executable files from URLs, indicating its ability to download additional malicious payloads or updates to enhance its capabilities.", "modified": "2025-10-16T05:02:02.452000", "created": "2025-08-26T17:27:01.650000", "tags": [ "http", "https", "kgs0", "kls0", "Malcerts", "Certificates", "Alberta", "GovAB", "UAlberta", "Speader" ], "references": [ "https://www.virustotal.com/graph/embed/g0cfdc207f7d14c9a9173c2f9b804dd92b17706ef2a8c41dba3e0af36353cd70b?theme=dark", "https://viz.greynoise.io/ip/analysis/408b56e2-1932-4975-b348-5a8a7c5991d4", "https://report.netcraft.com/submission/ATkcJjvq2iKUQhELceQs7q4WVU76Q8QG - Submitted IPv4s to Netcraft 08.29.25", "https://www.filescan.io/uploads/68b261771c81c34281d8af6d/reports/44924eb0-000d-42ad-944e-36bf849a406d/overview", "https://www.virustotal.com/gui/file/19ec86ce10a716e8e63804239052c96cfa0a7fb66c2820bda2e66358f622525c/community", "Added some URLs from FSio Report to URLScan" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Canada", "Netherlands", "Aruba", "Panama", "Poland", "Ukraine", "United Kingdom of Great Britain and Northern Ireland", "Anguilla", "United Arab Emirates", "Ireland", "Tanzania, United Republic of", "Philippines", "Japan", "Guatemala", "Mexico", "Bahamas", "Barbados", "Georgia", "Slovakia", "Sint Maarten (Dutch part)", "Kenya" ], "malware_families": [], "attack_ids": [], "industries": [ "Education", "Government", "Technology", "Telecommunications", "Healthcare" ], "TLP": "white", "cloned_from": null, "export_count": 25, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 2, "follower_count": 0, "vote": 0, "author": { "username": "Disable_Duck", "id": "244325", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_244325/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 1639, "FileHash-MD5": 1481, "FileHash-SHA1": 1421, "FileHash-SHA256": 5969, "domain": 707, "hostname": 2311, "email": 5, "CIDR": 13 }, "indicator_count": 13546, "is_author": false, "is_subscribing": null, "subscriber_count": 133, "modified_text": "227 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6647908c09468f42bc1249f1", "name": "University of Alberta Azure/Entra Compromised Tenant Compromized Institution", "description": "Update: Academic/Non-Academic Staff Unions, 3rd party org, & some profs/students/alumni tried raising concerns to Admins/President/IST & CISO => Maintaining position they will not be looking into reported problems re: Cybersecurity under any circumstances = more time more problems? Attempts to advocate -> Harrass./Discrim./De-humanizing responses from admins (representing all folks - recorded). \nTenant ID: 718b8a9b-44d8-441a-a344-4294ea842172 = This pulse is 1 example (small) of problems.\n\nPrimary domain\nualbertaca.onmicrosoft.com\nCustom Domain Names\nualberta.ca\nVerified\nualbertaca.onmicrosoft.com", "modified": "2025-03-01T04:59:57.222000", "created": "2024-05-17T17:14:52.317000", "tags": [ "false", "true", "visible", "application", "microsoft teams", "microsoft azure", "office", "service", "dynamics", "hidden", "android", "explorer", "write", "connector", "test", "sharepoint", "live", "meister", "tools", "desktop", "spark", "front", "enterprise", "designer", "atlas", "premium", "assistant", "allow", "azureadmyorg", "game", "verify", "microsoft power", "channelsurfcli", "mtd1", "file transfer", "magnus", "microsoft crm", "youth" ], "references": [ "All - EnterpriseAppsList.csv", "AppRegistrationList.csv", "https://tria.ge/240517-vc7c1shc62/behavioral1", "https://tria.ge/240517-vdwb5shc71/behavioral1", "https://tria.ge/240517-vqxezaaa33/behavioral1", "https://tria.ge/240517-t9pc2ahb2t", "https://www.virustotal.com/graph/embed/g9453a2f58a3340f18120987c2b4d710dbb44ded88c434abf8894458a98c7bd4b?theme=dark", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/iocs", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/graph", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/summary", "https://www.filescan.io/uploads/66479b483313f70f0afe3dbb", "https://www.filescan.io/uploads/664799c9d5c40bffee6106d7", "Thor Scan: S-I9VvMTB6cZU", "https://www.filescan.io/uploads/664ba368d5c40bffee63b1ee/reports/31817751-6b5d-45df-8813-472aa6c756a3/overview", "https://www.filescan.io/uploads/664ba8a20663ff3c2ec6428a/reports/09d3d82a-7ec1-4804-93e5-5ae691fbb7f2/overview", "https://imp0rtp3.wordpress.com/2021/08/12/tetris/", "https://www.filescan.io/uploads/664bb0cd7c9fb1468fc610c5/reports/00c78e4d-2156-4906-a106-ebf7e2723251/overview", "https://www.filescan.io/uploads/664bb40fbc04dffa92240ca2/reports/398074f2-c7b6-40e9-9b5c-4225cc990473/overview", "https://www.filescan.io/uploads/664bb683bc04dffa92241015/reports/92b70fd6-97d7-4386-8465-f3fd79043843/overview", "https://tria.ge/240521-q4s79agb25/static1", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/664f906322f5af13cdfb50be", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/664f906222f5af13cdfb5093", "https://www.filescan.io/uploads/666d69ff6b8dba248b414767/reports/dda2c8a1-96fd-4c00-9cbc-c64c4685a804/overview", "https://www.filescan.io/uploads/666d69ff6b8dba248b414767", "https://viz.greynoise.io/analysis/33e9b33b-b932-4c43-9be1-3e2d6f9cb4b3", "https://viz.greynoise.io/analysis/e51d9a15-d802-4d51-9a70-17803dc2693a", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b", "Above Malcore Strings: All - EnterpriseAppsList, AppRegistration, EnterpriseAppslist, exportGroup, exportUsers, HiddenApps - EnterpriseAppsList****", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d00975ea31558d54fceea", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667cff1a5ea31558d54fcbf6", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d0107b44401771de9ebf2", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d00356dd8f43b723a915a", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667cffec5ea31558d54fcda2", "https://www.hudsonrock.com/search?domain=ualberta.ca", "https://www.criminalip.io/domain/report?scan_id=13798622", "https://viz.greynoise.io/analysis/9635144c-db8f-47ab-a83a-5785602244cf - 07.03.24", "https://urlscan.io/search/#ualberta.ca", "https://www.virustotal.com/gui/collection/0ca12fcdd125ec5a5055180ee828b98d47b8b2e920660be559c2b602266b6b1d/iocs", "https://sitereport.netcraft.com/?url=http://ualberta.ca", "https://www.wordfence.com/blog/2022/10/threat-advisory-monitoring-cve-2022-42889-text4shell-exploit-attempts/", "https://tenantresolution.pingcastle.com/Search - Tenant still active (07.19.24) - Good jobs ya'll", "https://www.virustotal.com/graph/embed/gf1d5aa209c7f4fd086e4cb17dcd0af52421ea4bae87d49fe9b4076b382612f0e?theme=dark", "https://viz.greynoise.io/query/AS36351%20classification:%22malicious%22", "https://viz.greynoise.io/query/AS60068%20classification:%22malicious%22", "https://viz.greynoise.io/query/AS8075%20classification:%22malicious%22", "https://viz.greynoise.io/query/AS15169%20classification:%22malicious%22", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b - https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b = Hidden Apps - Enterprise Apps List" ], "public": 1, "adversary": "", "targeted_countries": [ "United States of America", "Canada" ], "malware_families": [], "attack_ids": [], "industries": [ "Education", "Technology", "Healthcare", "Telecommunications", "Government" ], "TLP": "white", "cloned_from": null, "export_count": 25, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 7, "follower_count": 0, "vote": 0, "author": { "username": "Disable_Duck", "id": "244325", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_244325/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 1703, "FileHash-SHA256": 90472, "URL": 99185, "domain": 82954, "hostname": 39041, "FileHash-SHA1": 1624, "email": 4658, "CVE": 12 }, "indicator_count": 319649, "is_author": false, "is_subscribing": null, "subscriber_count": 140, "modified_text": "456 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6660c1268a1f430e17236b55", "name": "Python: OVSAgentServer Document (autofilled name)", "description": "Here is the full text of the Vuze-dht-info script, which is written by \"Patrik Karlsson\" and followed by the following:-1-2-3. (Autofilled). This was pulled from a Windows 11 Hidden Folder from UAlberta Sample Device.", "modified": "2024-07-24T20:04:38.074000", "created": "2024-06-05T19:48:54.286000", "tags": [ "vuze", "dht service", "force", "port", "port state", "service version", "transaction id", "connection id", "vendor id", "azureus", "methods", "function", "method", "performs", "uri path", "same", "nmap", "see https", "buffer", "http post", "xdmcp", "session id", "mitmagiccookie1", "authorization", "displayid", "x display", "su p", "service", "patrik karlsson", "x server", "code", "xopendisplay", "checks", "tcp port", "xhost", "list", "host", "null", "retrieves", "wsdiscovery", "framework", "message id", "device wprt", "patrik", "author", "example", "john foo", "athens", "attiki", "domain name", "attempts", "service reason", "support", "active", "error", "false", "t3 protocol", "extrainfo", "weblogicversion", "t3 rmi", "daniel miller", "weblogic", "note", "cvss score", "isc bind", "todo", "cvss", "cpes", "sv output", "limit cves", "dot com", "mark", "elem", "stripnull", "wind debug", "wind river", "systems vxworks", "debug service", "boot line", "wdbprocedure", "agent", "vulnerable", "metasploit", "target", "seqnum", "vtam", "logon", "tn3270", "applid", "ibmtest", "cics", "dominic white", "tn3270 screen", "folder", "soldier", "path", "screen", "server", "cluster", "name", "http port", "admin port", "voldemort", "persistence", "driver", "apple remote", "desktop", "sasl", "aten", "vnc auth", "tries", "vnc server", "libvncserver", "bypass", "tight auth", "security", "mac os", "x security", "daemon", "220 vmware", "pass", "connectionpool", "xmpp", "login", "plain", "jabber", "soap api", "server version", "build", "os type", "product line", "header", "queries", "vmware server", "esxi", "vasto", "this", "body", "problem", "xmlns", "dns name", "tigase", "registration", "tonumber", "mlink", "connects", "citadel", "inside", "administrator", "root path", "database path", "sat mar", "version", "extracts", "versant object", "databases", "urls", "sniffed", "require", "sniffs", "http traffic", "ip address", "script output", "interface", "controls", "upnp service", "thomas buchanan", "table", "thisdb", "iana", "string", "arin", "boolean true", "comp", "meta", "trim", "actions", "openssh", "postfix smtpd", "msrpc", "runs", "comm", "prot", "group", "head", "admin", "phan", "ventrilo udp", "totpck", "totlen", "win32", "ping", "raid", "formats", "idera uptime", "intel", "gets", "domain", "arch", "linux", "smp fri", "x8664 x8664", "gnulinux", "info", "tso user", "user id", "userid", "tso logon", "valid user", "data", "nse object", "fakeuser", "razor", "blade", "plague", "tlvvalue", "ubiquiti", "probev1", "bb i2", "probev2", "tom sellers", "hidden", "zzzzz", "ooooo ssss", "enter", "fortran", "user", "skipped", "zero", "cool", "final", "scriptname", "ticketbleed", "tls session", "high", "tls stack", "hello", "done", "tls npn", "connection", "tls server", "npn extension", "spdy4a4", "spdy3", "hani benhabiles", "alpnname", "tls alpn", "client hello", "alpndone end", "alpn protocol", "filenotfound", "requesterror", "filefound", "enumerates", "tftp", "cisco", "script", "unknown", "kml file", "google earth", "geolocation", "italy", "getvalue", "rtt address", "sweden", "activetelnet", "hosttest2", "negotiate", "ntlm", "ntlmssp message", "netbios", "dnsdomainname", "dnscomputername", "dnstreename", "teamspeak", "udp packet", "cowclans", "service info", "traceroute scan", "hops", "inserts", "nmap scanning", "henri doreau", "nmap xml", "attribute", "loads", "address type", "ipv4", "ipv6", "filename", "telnet server", "freebsd", "option", "determines", "exploit", "linux advisory", "telnet", "default", "nick nikolaou", "make", "status", "driver object", "verdict", "target object", "telnet host", "telnet port", "password", "usersegs", "prefijo", "tablapalabras", "direccion", "prefixaux", "userright", "ipv6bin", "filler", "first", "iface", "ipv6 address", "targetstr", "slaac", "ipv6 host", "icmpv6 router", "advertisement", "nd host", "ipv6 stateless", "david fifield", "cidr notation", "bond", "simplified", "bsd license", "srcmac", "sends", "icmpv6 packet", "weilin", "icmpv6 echo", "svn server", "username", "crammd5", "helper", "result", "ipaux", "ipv6user", "ipv6network", "grantotal", "ipv6 subnet", "ipv4sub", "sslv2", "matthew boyle", "stuxnet", "infected", "stuxnetpaths", "stuxnetuuid", "stuxnetversion", "rpcgetversion", "smb session", "stuxnet service", "stdnse", "check", "secure socket", "https layer", "sstp traffic", "current sstp", "seil", "snippet", "ipmi", "exploitable", "output file", "calderon", "openssl", "heartbleed bug", "eof receiving", "match", "fingerprintfile", "ssl certificate", "littleblackbox", "apt1", "specify", "drown", "cve20160800", "sslv2 protocol", "tls ciphertext", "cve20153197", "cve20160703", "rsa data", "rfc1918", "ssl service", "issuer", "x509v3", "reports", "x509v3 subject", "steve benson", "sslv3", "ccs injection", "timeout", "ccs packet", "ssltls mitm", "protocol", "sweet32 attack", "ciphersuite", "chunksize", "gethellotable", "broken cipher", "find", "compressor", "format", "certificate", "pem return", "public key", "pcall", "delaware", "san jose", "california", "paypal", "accepted public", "keys", "checking key", "found", "connect", "actionend end", "specifies", "devin bjelland", "sshv1", "ssh server", "ssh protocol", "brandon enright", "modp group", "dsa group", "length", "diffiehellman", "ffffffff", "fromhex", "c4c6628b", "f25f1437", "e485b576", "generator", "tls port", "tls host", "tls serverhello", "unix timestamp", "jacob appelbaum", "returns", "poodle", "tlsfallbackscsv", "cve20143566", "ssl poodle", "ssl protocol", "authentication", "authenticated", "output", "privatekeyfile", "passphrase", "command", "ssh2 server", "kris katterjohn", "key comparison", "shows ssh", "md5 fingerprint", "ascii art", "matches", "sven klemm", "piotr olma", "socks proxy", "socks version", "guest", "iusredusrv011", "iwamedusrv011", "support388945a0", "tomcat", "socks", "snmp v1", "jetdirect", "jd117", "cidate", "system uptime", "security update", "windows media", "player", "windows server", "apache tomcat", "domain names", "mitigation apis", "kb911564", "kb924667v2", "kb925398", "explorer", "db2copy1", "lookup service", "application", "cryptographic", "db2das", "db2das00", "apache", "dcom", "launcher", "webapps", "value", "windows shares", "system idle", "process", "users", "system", "mib oids", "huawei", "hph3c locally", "snmp", "enterprisenums", "snmpv3 server", "security model", "snmpv3 get", "enterprise", "snmp community", "nextcommunity", "argument", "add ipv6", "vikas singhal", "serveraddress", "tftp server", "copystatus", "cisco router", "snmp rw", "fail", "config", "layer", "channel", "rfc3635", "ieee", "mac address", "obsolete", "generic", "voice", "prop", "terminal", "team", "test", "request", "joao correa", "mail server", "smtp", "diman todorov", "cyrus sasl", "auth", "postfix smtp", "authvuln", "cve20111720", "digestmd5", "activesmtp", "ehlo", "per rfc", "tls connection", "continue", "smtp ntlm", "ethernet", "macosx", "marek majkowski", "tiger", "rcpt", "vrfy", "expn", "socket", "user name", "mail from", "rcpt to", "duarte silva", "windows", "ron bowes", "vista", "srvsvc function", "wireshark", "p u137", "help", "ntlm login", "arturo buanzo", "busleiman", "lf line", "extended", "turn", "dkim", "exim", "exim server", "mail", "cve20111764", "exim daemon", "dkim format", "exim smtp", "webexservice", "handle", "runcommand", "windows account", "open", "cve20104344", "cve20104345", "sendrecv", "debianexim", "exim version", "could", "remote code", "webexec", "doesnotexist", "patched", "microsoft", "case", "msrc8742", "u137", "t139", "index", "define", "smtp server", "i2 i2", "microsoft smbv1", "reserved", "eternalblue", "wannacry", "ipc tree", "windows xp", "print spooler", "vulnerability", "lanman api", "september", "printer spooler", "stuxnet worm", "shareddocs", "smb server", "xp sp2", "windows vista", "gold", "smb request", "smb packet", "bsod", "dns server", "ms07029", "rpc interface", "rpc service", "notup", "server service", "execution", "ras rpc", "ms06025", "remote access", "rras", "rras memory", "routing", "systemroot", "reggetvalue", "installdate", "csdversion", "currentversion", "identifier", "productname", "model", "smbv1", "nt lm", "smbv3", "smbv2", "groups", "builtin", "account lockout", "samr", "connect4", "enumdomains", "invite", "options", "subscribe", "sip server", "cancel", "refer", "notify", "option request", "entry", "message signing", "smb security", "lmv2", "ntlmv2", "ms08068", "cve20093103", "process id", "advisory", "smbv2 protocol", "vista gold", "high header", "loop", "address", "reply", "ttl64", "comment", "ms08067", "conficker", "printer", "text", "service rpc", "lanman", "later", "service pack", "fqdn", "standard", "computer name", "sql2008", "workgroup", "servertypes", "typenames", "mssql server", "time capsule", "backup browser", "dfs root", "master browser", "sql server", "settings", "inetpub", "size time", "normal user", "description", "close", "bind", "clean", "infected2", "scanner", "namewin32", "read", "current user", "type", "readwrite", "usercanwrite", "current", "default share", "stypeipchidden", "write", "trojan", "changeddate", "names", "sids", "servicepaused", "servicestopped", "servicerunning", "gateway service", "manager", "shadow copy", "provider", "remote desktop", "tools", "spooler", "id process", "bytessec", "operationssec", "bytes", "pid ppid", "daniel", "rids", "homegroupuser", "windows system", "aliases", "lists", "double pulsar", "smb backdoor", "pulsar smb", "backdoor", "b i2", "luke jennings", "valid", "hostinfo", "invalidpassword", "userlist", "userlistindex", "blank", "third", "windows smb", "smb2 protocol", "smb2", "startdate", "starttime", "boot time", "date", "vuln", "securitymode", "smb2smb3", "file system", "leasing", "smbv2 server", "skype", "skype version", "skype author", "probes", "extension value", "number", "register sip", "file", "sip session", "true", "ekiga", "home", "user agent", "sip from", "request source", "request sip", "shodanapi key", "shodan", "shodan api", "sn pn", "apache httpd", "proto", "product parent", "xmltotext", "sunw", "instance urn", "product version", "product urn", "product defined", "instance id", "cpus", "probe", "xport", "samba", "samba heap", "cve20121182", "pidl", "zdican1503", "msrpc call", "szl request", "sendreceive", "offset", "siemens s7", "action", "plcscan", "copyright", "module type", "idle", "user on", "from since", "commondirs", "cve20177494", "payloadx86", "payloadx64", "samba remote", "rtsp", "rtsp urls", "describe", "setup", "play", "teardown", "roca", "detects", "return", "ssltls", "nse library", "pop3", "capa command", "user capa", "respcodes uidl", "pipelining stls", "top sasl", "rpc program", "rpc port", "sendpacket", "receivepacket", "rpc number", "rpc protocol", "host table", "port table", "winpcap", "getinfo", "pro1000 mt", "desktop adapter", "hamachi virtual", "winpcap remote", "capture daemon", "password1", "rmi registry", "tcclassdesc", "flags", "field count", "tcnull", "tcblockdata", "oraclesun", "custom data", "classpath", "java management", "custom", "martin holst", "swende", "performs brute", "unix rlogin", "unix", "item", "node name", "crypto version", "skerl version", "os mon", "basho version", "lager version", "cluster info", "luke version", "sasl version", "time", "odd response", "make sure", "diff", "unix rexec", "horizontal", "hostaction", "architecture", "filter", "redis", "realvnc", "cve20062369", "adderlink ip", "send", "cvssv2", "medium", "tpdu", "cve20120002", "ms12020 remote", "risk factor", "w2016", "credssp", "ntlmssp", "w16gasrv01", "success", "security layer", "early user", "rdstls", "rdp encryption", "fips", "rdp protocol", "knownprotocols", "wolfenstein", "enemy territory", "nexuiz", "quake iii", "arena", "openarena", "basic options", "other options", "getstatus", "statusresp", "quake3 game", "toni ruottu", "delay", "tcp packet", "maximum number", "mean", "numtrips", "delta", "qnx qconn", "qconn daemon", "root", "brendan coles", "puppet ca", "puppet naive", "csrs", "dummycsr", "defaultnode", "defaultenv", "paths", "response", "puppet server", "firmware", "pptp", "rt57i author", "activepop3", "pop3 ntlm", "pop3test2", "apop", "pop server", "pop3 account", "printer job", "language", "pjlreadymessage", "aaron leininger", "prev", "rstart", "ssl support", "force protocol", "ssl encryption", "plc type", "model number", "firmware date", "pcworx message", "nse script", "pcworx", "program", "phoenix contact", "pcanywhere", "xorkey", "mtus", "ipprotoudp", "ipprototcp", "pmtu", "pathmtuprobe", "path mtu", "drop", "hash", "key1", "seed", "noise", "oracle virtual", "server agent", "python", "http get", "basehttp", "virtual server", "get request", "oracle tns", "errcodes", "decodevsnnum", "decodes", "vsnnum version", "tns header", "tns packet", "unit size", "oracle", "checkaccount", "count", "oracle user", "october", "critical patch", "maxretries", "defaultaccounts", "dhiru kholia", "authvfrdata", "account", "device type", "uptime", "nack", "kernel version", "device", "mask", "alarm", "bad login", "nson", "openlookup", "arizona", "nson int", "parsefloat", "parses", "paradise", "ofpthello", "openflow", "initial packet", "newer", "jay smith", "mak kolybabi", "size", "memory card", "response code", "omron fins", "system use", "program area", "iom size", "expansion dm", "openvas manager", "target hosts", "firewall", "hosts", "nrpeprotocols", "warning", "nrpestates", "nrpecommands", "crc32constants", "i2 i4", "queries nagios", "remote plugin", "executor", "critical", "nepclientmacid", "serverhslen", "finalhslen", "nping echo", "echo mode", "activenntp", "nntp", "nntptest2", "ohost", "rhost", "job entry", "ohostrhost", "nje server", "nje password", "nje node", "mountpath", "nfsopen", "filesystem", "blocksize", "shows nfs", "showmount", "rpc query", "rpc library", "mount", "read lookup", "getattr", "readdirplus", "lookup", "delete", "loginresponse", "nexpose nsc", "netbuster", "netbus", "extends", "sv p", "defaultfields", "ntp server", "refid", "stratum", "network time", "reference", "applications", "log traffic", "volume", "wave", "synth", "netbus backdoor", "access", "netbus server", "nessus web", "nessus", "network data", "ndmp", "nas device", "amanda", "bacula", "ca arcserve", "commvault", "simpana", "emc networker", "exec", "device0000", "os version", "novell netware", "core protocol", "server name", "tree name", "windows2003", "skullsecurity", "netbios user", "netbios mac", "vmware", "servername", "workstationname", "netbios ns", "hewlett packard", "andrey zhukov", "ussc", "exported block", "readonly", "negotiation", "displays", "network block", "device protocol", "nbd server", "maps", "wan port", "nat port", "natpmp", "successfully", "wan ip", "apple airport", "natpmp protocol", "express", "extreme", "apple time", "capsule", "ddwrt", "mysql", "mariadbmysql", "mysqlmariadb", "mariadb", "cve20122122", "select distinct", "mysql database", "select host", "autocommit", "thread id", "support41auth", "mysql error", "mysql server", "kingcope", "dumps", "john", "ripper", "appropriate db", "review", "adminaccounts", "cis mysql", "skip", "create user", "verify", "super", "shutdown", "reload", "murmur", "udp port", "murmur server", "murmur service", "nmap service", "udp probe", "tcp service", "i4 i4", "igmp traceroute", "query", "source address", "static", "multicast group", "fwdcode", "library", "configuration", "enabled", "dns suffix", "dbcount", "tablecount", "select", "microsoft sql", "activesql", "dbtest2", "disconnect", "rslimit", "host script", "port script", "sql servers", "getname", "servers", "objectid", "select name", "from", "johntheripper", "dump", "dac port", "browser service", "dedicated admin", "dac feature", "sqlserver", "sql mail", "database mail", "dmo xps", "login success", "policy agent", "dhcp client", "lrpc endpoint", "msrpc endpoint", "remote fw", "dvmrp ask", "neighbors", "dvmrp", "neighbor", "igmp", "dvmrp code", "iterate", "major", "publish", "mqtt broker", "sanity", "mqtt", "indicate", "mqtt protocol", "topic", "connack", "mongodb build", "server status", "mongodb", "database", "error message", "httpstorage", "gateway target", "modbus", "to response", "formrsid", "illegal data", "slave device", "scada modbus", "scada", "switchmode", "mobile mouse", "os x", "attempted", "rpa tech", "connected30", "api routeros", "xmlreq", "methodname", "param", "methodcall", "metasploit rpc", "xdax00x20", "ruby version", "api version", "gathers", "api guide", "host name", "reqid", "stat", "nodes", "hostname", "mnesia version", "stdlib version", "auth failure", "agentguid", "didier stevens", "msie", "start", "mcafee epolicy", "eposerver", "instroot", "sap max", "dbmserver", "tn3270e", "unit", "tn3270e server", "logical unit", "macdst", "cadmus computer", "host id", "ipv4 address", "icon image", "repeater ap", "lineage", "printervidpid", "lexmark s302", "hbn3", "lexmark", "dcnet", "dccqure", "cnusers", "ldap", "qfilter", "dcfunctid", "cnconfiguration", "dcfunc", "cnschema", "cnservers", "ocqure", "nmas get", "allow admin", "ldap username", "ldap password", "cnadmin", "cnpaka", "login correct", "openldap", "ldap base", "ad discussion", "kerberos realm", "kerberos", "krb5", "asn1encoder", "realm", "knx address", "knxdibknxmedium", "knx gateway", "knx description", "din en", "http", "niklaus schiess", "java debug", "wire protocol", "jdwp", "java", "internet", "michael schierl", "method run", "java class", "b i8", "sat aug", "daylight time", "portal", "name service", "isns", "auth reason", "collects", "receive", "irc server", "d p6667", "e binsh", "vv localhost", "authenticate", "cap req", "internet relay", "chat", "imap", "imap4rev1", "imap4 literal", "blocked", "nick", "none", "motd", "nquitn", "stats", "lusers", "pingpong", "nmap brutern", "rxbot", "agobot", "slackbot", "mytob", "rbot", "sdbot", "ircbot", "vanbot", "gtbot", "spybot", "storm", "knx search", "device mac", "knxhpaiport", "knxdibdevmac", "discovers", "ipv6 suffix", "cpu usage", "cisco ios", "november", "netscreen", "qtypenodename", "qtypenoop", "qtype", "stringify", "ipv6 node", "qtypestrings", "stevecasner", "ff02000000", "20060921", "19941101", "kanglee", "20070202", "ff0x000000", "discovery", "ssdp", "passauth", "userauth", "conninfo", "channel auth", "claudiu perta", "rakp cipher", "ipmi interface", "cipher zero", "state service", "ipmi rpc", "aggressive mode", "vpngroup", "main mode", "ikeresponse", "ike service", "main", "hybrid", "testfr", "startdt", "asdu address", "getasdu", "cicna1", "iec104", "startdt act", "meeina1", "cicna1broadcast", "ip id", "ip ids", "numprobes", "shortport", "sslcert", "https", "iphttps", "city", "islands", "republic", "united", "startpos", "philadelphia", "recordbuf", "char", "jackson", "download", "dayton", "hill", "terre", "austin", "rouge", "green", "phoenix", "rapid", "diego", "vegas", "albania", "armenia", "belarus", "cuba", "indonesia", "lucia", "mexico", "panama", "paraguay", "slovakia", "chad", "uruguay", "april", "placemark", "point", "nmap registry", "required", "google maps", "api key", "google map", "premium", "google static", "maps api", "png8", "bing maps", "bing map", "road", "rest api", "rest", "jpeg", "fremont", "apikey", "a sting", "new jersey", "icmp echo", "lan host", "icmp", "nmap host", "information", "results", "dbinfo", "ibm informix", "dynamic server", "select first", "dbhostname", "full", "driver class", "client name", "impress version", "remote server", "impress remote", "remote pin", "firefox os", "clientname", "bruteforce", "activeimap", "ntlm challenge", "starttls", "socket receive", "imap ntlm", "istag", "resptbl", "icap service", "icap", "echo", "echo demo", "urlcheck demo", "udp iax2", "revision", "control frame", "poke request", "voip", "ferdy riphagen", "asterisk iax2", "xssedsite", "xssedsearch", "xssedfound", "xssedfixed", "xssedmirror", "xssedurl", "vlc streamer", "developer", "user guides", "increase", "base path", "ange gutek", "peter hill", "search", "wordpressapiurl", "wp root", "wordpress", "defaultwpuri", "initial check", "default uri", "default uservar", "default passvar", "webdav", "propfind", "copy", "move", "post", "proppatch", "trace", "server header", "modsecurity", "webknight", "binarysec", "cloudflare", "bigip", "xml gateway", "airlock", "profense", "netscaler", "idsipswaf", "web application", "attackvectorsn1", "wafidsips", "barracuda", "phpids", "latest", "paul amar", "rob nicholls", "rompager", "andrew orr", "bid71744 cve", "wordpress rest", "injection", "sql injection", "joomla", "regexpsuccess", "sql statement", "mysql user", "python script", "intel active", "params", "cve20175689", "bid98269", "nonce", "apache struts", "cve20175638", "http method", "url path", "ms15034", "http protocol", "system account", "groovy", "elasticsearch", "rce exploit", "java version", "json", "cve20151427", "wordpress cm", "php code", "cm download", "manager plugin", "cve20148877", "php system", "drupal core", "drupal", "auth sql", "title", "formid", "cisco asa", "sip denial", "sip inspection", "cisco adaptive", "software", "bug id", "cscuh44052", "ssl vpn", "clientless ssl", "vpn session", "asdm privilege", "asdm access", "cscuj33496", "minor", "zimbra", "ajxmsg", "zmsg", "zmmsg", "ajxkeys", "zmkeys", "zdmsg", "december", "file inclusion", "concept", "url redirection", "web server", "referer header", "cve20136786", "xss injection", "rails", "ruby", "cve20130156", "cdata", "yaml", "parameter", "denial", "cve20121823", "web development", "html", "phpcgi", "reverse proxy", "apache http", "contextis", "lan ip", "security bypass", "bid49957", "proxy", "apache web", "head request", "pt80443", "bid49303", "coldfusion8", "hmac", "salt", "http server", "sha1 hmac", "traversal", "bid42342", "coldfusion", "cve20100738", "jboss target", "path2", "array", "object", "services", "blazeds", "livecycle data", "adobe xml", "external entity", "livecycle", "webmin", "usermin", "cve20063392", "webmin file", "disclosure", "cve20093733", "vmware path", "vmware esx", "tony flick", "shmoocon", "sha1", "sha256", "eicar test", "resource", "virustotal", "eicartestfile", "readfile", "searches", "http response", "identify", "characters", "spiders", "xfoo", "evoxabout", "trane tracer", "trane", "tracer sc", "hwver12ab", "airhandler", "xxxxx", "normalizepath", "depth", "http1", "http trace", "uri author", "tplink wireless", "wr740n", "wr740nd", "wr2543nd", "confirmed", "wr842nd", "wa901nd", "wr941n", "wr941nd", "scanme", "displaytitle", "wikipedia", "repository uuid", "repository root", "node kind", "elements", "url relative", "author count", "unfiltered", "crawls", "posts", "field", "phase", "crawler", "html escaping", "posted data", "form", "html title", "twitter", "xfwd", "otherwise", "mfctearsample", "phpcrawl", "httplibs", "nmap scripting", "engine", "snoopy", "zendhttpclient", "change", "status code", "eddie bell", "timewith", "bestopt", "slowloris dos", "slowloris", "halfhttp", "dos attack", "timewithout", "threadcount", "timelimit", "dosed", "monitor", "threads", "sendinterval", "servernotice", "stopall", "reason", "ubuntu", "request type", "cookie", "referer", "shellshock", "http shellshock", "http header", "sending", "setcookie", "deny", "hsts", "cachecontrol", "pragma", "xss filter", "will", "uris", "sandbox", "sap netweaver", "sap instance", "km unit", "disabled", "robtex", "robtex service", "add list", "discount", "nwshp news", "relpage", "univ cobrand", "url default", "august", "informs", "qweb server", "ssl port", "photo station", "device model", "firmware build", "force ssl", "v2 web", "network video", "music", "uploads", "http put", "http proxy", "shared", "phpself", "reflected cross", "site scripting", "phpselfprobe", "local file", "inclusion", "exploitquery", "defaultfile", "defaultdir", "remote file", "basepath", "passwd", "etcpasswd", "query string", "printing", "multi", "http redirect", "valid http", "pattern", "joao", "activeweb", "telme", "http ntlm", "android", "khtml", "gecko", "http verb", "vulnerable uri", "allow", "safemethods", "public", "public header", "unsafemethods", "balancer", "jvmroute", "lbgroup", "sticky", "jsessionid", "remove", "stisvc", "looks", "denis", "majordomo2", "cve20110049", "michael brooks", "web page", "pierre lalet", "litespeed web", "cve20102333", "http request", "joomla web", "internal ip", "leaked", "host header", "microsoft iis", "jsonp", "jsonp endpoint", "policy", "vinamra bhatia", "gosingle", "root folder", "iis document", "research paper", "apple id", "apple mobileme", "find my", "iphone", "macbook air", "wifi", "mobileme web", "mac mini", "hp ilo", "productid", "uuid", "xmldata", "xml file", "builtinpatterns", "validate", "azaz09", "email", "group1", "google", "safe browsing", "sign", "git revision", "project author", "span", "git repository", "trunclength", "jboss", "statusok", "rails web", "jboss java", "location", "look", "insert", "michael kohl", "citizen428", "frontpage", "frontpage login", "path prefix", "atm anything", "uservar", "passvar", "stop", "mime", "content", "uploadrequest", "exploits", "mime type", "destination", "separator", "trying path", "maxpagecount", "feeds", "feedsrefs", "please", "atom", "reads", "wd2500js60mhb1", "md5 hash", "element", "socialtext", "http default", "nasl script", "ftp server", "ftp login", "gutek", "tagtable", "gpstagtable", "gpstaglatitude", "tagmake", "tagmodel", "tagdatetime", "taggpsinfo", "gpstaglongitude", "flash", "speed", "error code", "checkdir", "general", "views", "pppoe", "echolife hg530", "huawei hg5xx", "boolean", "hg530x", "direct path", "modules", "themes", "token", "id file", "input", "jim brass", "warrick brown", "martin", "jsfuncpatterns", "jscallspatterns", "xss occur", "javascript", "please note", "dlink", "dir120", "di624s", "di524up", "di604s", "di604up", "di604", "tmg5240", "ascii", "genericlines", "landeskrc", "tlssessionreq", "getrequest", "httpoptions", "lpdstring", "weird", "consumingdetect", "html content", "rapiddetect", "html code", "callback", "django", "missing", "nagios", "cactiez", "logincombos", "httplike", "csrf", "form id", "form action", "cross site", "adobe flash", "adobe reader", "silverlight", "crossdomain", "forgery", "granto", "origin", "sharing", "cors", "get post", "options author", "patch", "examines", "specific url", "specific cookie", "grepphp", "mediawiki", "generic backup", "patterns", "line number", "maximum value", "cf version", "fri mar", "xmltags", "anyconnect", "cisco ssl", "ddos", "pngiconquery", "gificonquery", "stylesheetquery", "vendorsquery", "cakephp version", "cakephp visit", "hostip", "alpha", "bigipserver", "f5 bigip", "seth jackson", "spam", "virus firewall", "barracuda spam", "api password", "mta sasl", "gateway", "dns cache", "shadow", "apache axis2", "axis2services", "defaultpath", "axis2 service", "awstats totals", "defaultcmd", "defaulturi", "sort", "common", "awstats total", "avaya ip", "office", "office user", "listing", "office voip", "basic", "digest", "router", "unauthorized", "debug", "http debug", "debug request", "response body", "apache server", "apache version", "common default", "google adsense", "amazon", "site", "grabs", "adsense", "magicuri", "gethostname", "finds", "sheila berta", "hostmapserver", "vendor", "gatewaywithwifi", "ingraham", "linksys", "linksys e1200", "e1200", "hbase", "hbase version", "hbase compiled", "quorum", "apache hbase", "hadoop database", "wed may", "hadoop", "http status", "logs", "apache hadoop", "hadoop version", "checkpoint size", "checkpoint", "capacity", "non dfs", "datanodes", "live", "dead", "wed sep", "cest", "line", "state", "datanode http", "log directory", "watch", "gps time", "gpsd network", "sat apr", "gopher", "taxf", "tax forms", "load", "network", "transmitted", "mount point", "fs type", "gkrellm service", "size available", "goodbye", "corba naming", "ganglia", "ganglia version", "owner", "proftpd", "proftpd server", "cve20104221", "telnet iac", "telnetiac", "telnetkill", "cmdshellid", "shell command", "cve20112523", "syst", "mode", "no data", "syst error", "logged", "stream", "cmdshell", "send command", "opie", "cve20101938", "ftpd", "arciemowicz", "adam", "zabrocki", "sergey khegay", "ieuser", "freelancer", "rp server", "freelancer game", "niagara fox", "java hotspot", "server vm", "americachicago", "tridium", "systems", "billy rios", "flume", "environment", "se runtime", "target port", "helperport", "ethernet type", "eric leblond", "ip packet", "probetimeout", "icmp time", "icmp payload", "recvtimeout", "ip ttl", "firewalk", "combo", "cups service", "hp laserjet", "print", "documentation", "cups", "cemt", "access denied", "authorized", "cemt inquire", "dfltuser", "db2conn", "gutek ange", "welcome", "linux version", "fcrdns mismatch", "no ptr", "reverse dns", "ptr record", "address book", "safari", "event protocol", "buddy", "erlang port", "mapper daemon", "x00x01n", "gmbh", "corporation", "limited", "company", "automation", "encoder", "inst", "tips", "tech", "life", "pump", "peap", "eapttls", "eaptls", "eapmschapv2", "identity", "ttls", "mschap", "nbstat", "sshhostkey", "ssh host", "p445443", "win2ksrv001", "server platform", "instance name", "apache derby", "drda protocol", "drda excsat", "sample", "ibm db2", "informix", "get dpap", "ibm lotus", "domino", "mjacksson", "lotus domino", "peak", "console", "release", "windows32", "socketpool", "docker", "docker service", "gitcommit", "parsedomain", "cname", "scripttype", "parsetxt", "bulletproof", "sbl123456", "cn online", "ip range", "zeus botnet", "ztdns", "name ip", "dns update", "kerberos kdc", "change service", "catalog", "argfilter", "kerberos passwd", "ldap servers", "canon", "mg5200 series", "canon mg5200", "ivec", "bjnp protocol", "ftp version", "tcp portarg", "portarg", "dns service", "version196609", "version196616", "ossi0x1f6", "felix groebert", "txid", "duane wessels", "authority rrs", "answer rrs", "answer record", "get txt", "txtlen", "dns recursion", "ogjdvm author", "spoofed reply", "cve20081447", "nsid", "ch txt", "dns nameserver", "ssu p", "dnschars", "nsec", "dnscharsinv", "label", "nsec record", "removesuffix", "result name", "bumpdomain", "nsec response", "easy", "nsec3", "dnssec nsec3", "nsec3 walking", "dnsnsecenum", "getprefixmask", "dns lookup", "ipv6 network", "ipv6 prefix", "noerror", "nxdomain result", "peter", "bool", "slowdown", "launches", "david", "victoria", "halifax", "casper", "barry", "soa expire", "soa refresh", "soa retry", "soa mname", "soa record", "dns check", "refresh", "domains", "timedmultiplier", "timednumsamples", "stddev", "alexadomains", "aaaa", "dns bruteforce", "added target", "resolve", "commfile", "argcategory", "dns antispam", "spam received", "daemon command", "allows", "dict protocol", "show server", "index data", "client", "dicom service", "aet check", "dicom", "acceptreject", "dicom server", "titles", "hence", "dhcpinform", "dhcp request", "dhcp server", "dhcpack", "subnet mask", "dhcp option", "strfixedstart", "listfixedstart", "login error", "dictfixedstart", "db2 server", "transaction", "database server", "nodetype1", "db2commtcpip", "db2inst1", "control center", "db2 packet", "wed mar", "getsessionid", "daapitemlimit", "fever ray", "getdatabaseid", "limit", "daap server", "cvs pserver", "repo", "series", "ubu1110", "raw printer", "stopped", "cups printing", "cupspdf printer", "couchdb", "mochiweb", "admin party", "discard", "couchdb http", "testsuitedb", "testsuitedba", "moneyz", "block", "coap endpoint", "reporting", "payload", "coap", "u5683 su", "analyzes", "clamav", "scan", "scan command", "clamav remote", "citrixsrv01", "citrix xml", "citrix", "ica browser", "citrixsrv02", "anonymous", "notepad", "appdata", "settingkey", "xml service", "must change", "nextuser", "citrix pn", "cics user", "cics login", "cesl", "signon", "on to", "cics id", "valid cics", "cesf", "cesn", "cata", "numtrials", "cccam service", "trial", "cccam dvr", "cassandra", "cluster name", "cassinc", "test cluster", "account success", "manager control", "willing", "device pub", "computer", "wpad", "dhcp", "web proxy", "dhcp discovery", "dns discovery", "wpad host", "wpad file", "machex", "sent wol", "wol packet", "wakes", "mac return", "servicerequest", "model name", "bubbatwo dlna", "justin maggard", "model descr", "debian", "activation code", "tellsticknet", "acca12345678", "inet", "ping request", "sybase anywhere", "netmask", "romm", "firmm", "serial", "macserial", "romversion", "firmwareversion", "sonicwall", "ripng", "ripng response", "ripng request", "ripv2", "ripv2 request", "tags", "pppoe discovery", "pppoed", "ipv4 format", "ip header", "bbi2", "pim hello", "i2i2", "helloraw", "multicast", "pim multicast", "pcduo gateway", "pcduo remote", "srvname", "ospfv2 database", "print ospfv2", "ospfv2 hello", "ospfv2 ls", "area id", "destination mac", "captured ospfv2", "callit", "nbname", "broadcastaddr", "mssqldiscover", "yesno", "decoders", "uport", "hsrp", "dropbox", "server id", "slave port", "jenkins", "argaddress", "jenkinspkt", "jenkins auto", "apache jserv", "protocol server", "pathhelloworld", "hid discoveryd", "eigrp", "internal route", "external route", "max amount", "internal", "dropboxport", "key2", "listens", "nmap target", "dhcpoffer", "clientid", "ip pool", "ipid", "dhcpv6 request", "solicit", "message type", "advertise", "ba9876", "domain search", "db2getaddr", "ubu804db2e", "edusrv011", "devtype", "null udp", "cve20111002", "avahi null", "wait time", "header instance", "bbi2bbi4", "config info", "etherbroadcast", "pataoe", "brantley coile", "total", "nse argument", "dht protocol", "torrentfile", "dht discovery", "serviceproxy", "obtains", "bitcoin server", "prior", "node id", "lastblock", "bitcoin", "bacnet", "sdn bhd", "bacnet packet", "titan", "landis", "carrier", "simplex", "notifier", "walker", "aust", "savant", "monitoring", "energy", "starman", "covenant", "king", "etap", "echelon", "arcom", "vanti", "backorifice", "container", "bocrypt", "boversion", "bohostname", "system info", "magicstring", "ping reply", "pong", "pingpacket", "team cymru", "peer", "amqp", "erlangotp", "rabbitmq", "plain amqplain", "dragomir", "allseeing eye", "team death", "novodondo", "blue", "herox", "different ajp", "jsp test", "options request", "ajp service", "public folder", "shows afp", "utf8 server", "uams", "server flags", "flags hex", "password saving", "copy file", "machine type", "afpversion", "afpx03", "apple mac", "dir method", "maxfiles", "cve20100533", "directory", "afp server", "permission uid", "gid size", "time filename", "parameter error", "netatalk", "apple filing", "formatipv4", "isatap", "server ipv4", "client ipv4", "admin email", "parse daemon", "license", "acarsd" ], "references": [ "scripts", "vuze-dht-info.nse", "xmlrpc-methods.nse", "xdmcp-discover.nse", "x11-access.nse", "wsdd-discover.nse", "whois-domain.nse", "weblogic-t3-info.nse", "vulners.nse", "wdb-version.nse", "vtam-enum.nse", "voldemort-info.nse", "vnc-brute.nse", "vnc-title.nse", "vnc-info.nse", "vmauthd-brute.nse", "xmpp-brute.nse", "vmware-version.nse", "xmpp-info.nse", "versant-info.nse", "url-snarf.nse", "upnp-info.nse", "whois-ip.nse", "unusual-port.nse", "unittest.nse", "ventrilo-info.nse", "uptime-agent-info.nse", "tso-enum.nse", "ubiquiti-discovery.nse", "tn3270-screen.nse", "tso-brute.nse", "tls-ticketbleed.nse", "tls-nextprotoneg.nse", "tls-alpn.nse", "tftp-enum.nse", "traceroute-geolocation.nse", "telnet-ntlm-info.nse", "teamspeak2-version.nse", "targets-traceroute.nse", "targets-xml.nse", "telnet-encryption.nse", "targets-sniffer.nse", "telnet-brute.nse", "targets-ipv6-wordlist.nse", "targets-ipv6-multicast-mld.nse", "targets-ipv6-multicast-slaac.nse", "targets-asn.nse", "targets-ipv6-multicast-invalid-dst.nse", "targets-ipv6-multicast-echo.nse", "svn-brute.nse", "stun-version.nse", "targets-ipv6-map4to6.nse", "sslv2.nse", "stuxnet-detect.nse", "sstp-discover.nse", "supermicro-ipmi-conf.nse", "ssl-heartbleed.nse", "stun-info.nse", "ssl-known-key.nse", "sslv2-drown.nse", "ssl-cert-intaddr.nse", "ssl-ccs-injection.nse", "ssl-enum-ciphers.nse", "ssl-cert.nse", "ssh-publickey-acceptance.nse", "sshv1.nse", "ssl-dh-params.nse", "ssl-date.nse", "ssh-auth-methods.nse", "ssl-poodle.nse", "ssh-run.nse", "ssh2-enum-algos.nse", "ssh-hostkey.nse", "socks-auth-info.nse", "snmp-win32-users.nse", "socks-brute.nse", "snmp-sysdescr.nse", "snmp-win32-software.nse", "snmp-win32-services.nse", "snmp-win32-shares.nse", "ssh-brute.nse", "snmp-processes.nse", "snmp-hh3c-logins.nse", "snmp-info.nse", "snmp-brute.nse", "snmp-ios-config.nse", "snmp-interfaces.nse", "socks-open-proxy.nse", "snmp-netstat.nse", "smtp-strangeport.nse", "smtp-vuln-cve2011-1720.nse", "smtp-ntlm-info.nse", "sniffer-detect.nse", "smtp-enum-users.nse", "smb-server-stats.nse", "smtp-commands.nse", "smtp-vuln-cve2011-1764.nse", "smtp-brute.nse", "smb-webexec-exploit.nse", "smtp-vuln-cve2010-4344.nse", "smb-vuln-webexec.nse", "smb-vuln-regsvc-dos.nse", "smtp-open-relay.nse", "smb-vuln-ms17-010.nse", "smb-vuln-ms10-061.nse", "smb-vuln-ms10-054.nse", "smb-vuln-ms07-029.nse", "smb-vuln-ms06-025.nse", "smb-system-info.nse", "smb-protocols.nse", "smb-flood.nse", "smb-enum-domains.nse", "sip-methods.nse", "script.db", "smb-security-mode.nse", "smb-vuln-cve2009-3103.nse", "smb-psexec.nse", "smb-vuln-ms08-067.nse", "smb-print-text.nse", "smb-os-discovery.nse", "smb-mbenum.nse", "smb-ls.nse", "smb-enum-users.nse", "smb-vuln-conficker.nse", "smb-enum-shares.nse", "smb-enum-sessions.nse", "smb-enum-services.nse", "smb-enum-processes.nse", "smb-enum-groups.nse", "rsync-list-modules.nse", "smb-double-pulsar-backdoor.nse", "smb-brute.nse", "smb2-vuln-uptime.nse", "smb2-time.nse", "smb2-security-mode.nse", "smb2-capabilities.nse", "skypev2-version.nse", "sip-enum-users.nse", "sip-call-spoof.nse", "sip-brute.nse", "shodan-api.nse", "servicetags.nse", "samba-vuln-cve-2012-1182.nse", "s7-info.nse", "rusers.nse", "smb-vuln-cve-2017-7494.nse", "rtsp-url-brute.nse", "rtsp-methods.nse", "rsync-brute.nse", "rsa-vuln-roca.nse", "pop3-capabilities.nse", "rpcinfo.nse", "rpc-grind.nse", "rpcap-info.nse", "rpcap-brute.nse", "rmi-vuln-classloader.nse", "rmi-dumpregistry.nse", "rlogin-brute.nse", "riak-http-info.nse", "rfc868-time.nse", "rexec-brute.nse", "reverse-index.nse", "redis-info.nse", "redis-brute.nse", "realvnc-auth-bypass.nse", "rdp-vuln-ms12-020.nse", "rdp-ntlm-info.nse", "rdp-enum-encryption.nse", "quake3-master-getservers.nse", "quake3-info.nse", "qscan.nse", "qconn-exec.nse", "puppet-naivesigning.nse", "pptp-version.nse", "pop3-ntlm-info.nse", "pop3-brute.nse", "pjl-ready-message.nse", "port-states.nse", "pgsql-brute.nse", "pcworx-info.nse", "pcanywhere-brute.nse", "path-mtu.nse", "p2p-conficker.nse", "ovs-agent-version.nse", "oracle-tns-version.nse", "oracle-sid-brute.nse", "oracle-enum-users.nse", "oracle-brute-stealth.nse", "oracle-brute.nse", "openwebnet-discovery.nse", "openvas-otp-brute.nse", "openlookup-info.nse", "openflow-info.nse", "omron-info.nse", "omp2-enum-targets.nse", "omp2-brute.nse", "nrpe-enum.nse", "nping-brute.nse", "nntp-ntlm-info.nse", "nje-pass-brute.nse", "nje-node-brute.nse", "nfs-statfs.nse", "nfs-showmount.nse", "nfs-ls.nse", "nexpose-brute.nse", "netbus-version.nse", "ntp-info.nse", "netbus-info.nse", "netbus-brute.nse", "netbus-auth-bypass.nse", "nessus-xmlrpc-brute.nse", "nessus-brute.nse", "ndmp-version.nse", "ndmp-fs-info.nse", "ncp-serverinfo.nse", "ncp-enum-users.nse", "nbstat.nse", "nbns-interfaces.nse", "nbd-info.nse", "nat-pmp-mapport.nse", "nat-pmp-info.nse", "mysql-vuln-cve2012-2122.nse", "mysql-variables.nse", "mysql-users.nse", "mysql-query.nse", "mysql-info.nse", "mysql-enum.nse", "mysql-empty-password.nse", "mysql-dump-hashes.nse", "mysql-databases.nse", "mysql-brute.nse", "mysql-audit.nse", "murmur-version.nse", "mtrace.nse", "ms-sql-xp-cmdshell.nse", "ms-sql-tables.nse", "ms-sql-query.nse", "ms-sql-ntlm-info.nse", "ms-sql-hasdbaccess.nse", "ms-sql-empty-password.nse", "ms-sql-dump-hashes.nse", "ms-sql-dac.nse", "ms-sql-config.nse", "ms-sql-brute.nse", "msrpc-enum.nse", "mrinfo.nse", "mqtt-subscribe.nse", "ms-sql-info.nse", "mongodb-info.nse", "mongodb-databases.nse", "mongodb-brute.nse", "modbus-discover.nse", "mmouse-exec.nse", "mmouse-brute.nse", "mikrotik-routeros-brute.nse", "metasploit-xmlrpc-brute.nse", "metasploit-msgrpc-brute.nse", "metasploit-info.nse", "memcached-info.nse", "membase-http-info.nse", "membase-brute.nse", "mcafee-epo-agent.nse", "maxdb-info.nse", "lu-enum.nse", "lltd-discovery.nse", "lexmark-config.nse", "ldap-search.nse", "ldap-rootdse.nse", "ldap-novell-getpass.nse", "ldap-brute.nse", "krb5-enum-users.nse", "knx-gateway-info.nse", "jdwp-version.nse", "jdwp-inject.nse", "jdwp-info.nse", "jdwp-exec.nse", "isns-info.nse", "iscsi-info.nse", "iscsi-brute.nse", "irc-unrealircd-backdoor.nse", "irc-sasl-brute.nse", "imap-capabilities.nse", "irc-info.nse", "irc-brute.nse", "irc-botnet-channels.nse", "knx-gateway-discover.nse", "ipv6-ra-flood.nse", "ipv6-node-info.nse", "ipv6-multicast-mld-list.nse", "ipmi-version.nse", "ipmi-cipher-zero.nse", "ipmi-brute.nse", "ike-version.nse", "iec-identify.nse", "ipidseq.nse", "ip-https-discover.nse", "ip-geolocation-maxmind.nse", "ip-geolocation-map-kml.nse", "ip-geolocation-map-google.nse", "ip-geolocation-map-bing.nse", "ip-geolocation-ipinfodb.nse", "ip-geolocation-geoplugin.nse", "ip-forwarding.nse", "informix-tables.nse", "informix-query.nse", "informix-brute.nse", "impress-remote-discover.nse", "imap-ntlm-info.nse", "imap-brute.nse", "icap-info.nse", "iax2-version.nse", "iax2-brute.nse", "http-xssed.nse", "http-vlcstreamer-ls.nse", "http-wordpress-users.nse", "http-wordpress-enum.nse", "http-wordpress-brute.nse", "http-webdav-scan.nse", "http-waf-fingerprint.nse", "http-waf-detect.nse", "http-vuln-wnr1000-creds.nse", "http-vuln-misfortune-cookie.nse", "http-vuln-cve2017-1001000.nse", "http-vuln-cve2017-8917.nse", "http-vuln-cve2017-5689.nse", "http-vuln-cve2017-5638.nse", "http-vuln-cve2015-1635.nse", "http-vuln-cve2015-1427.nse", "http-vuln-cve2014-8877.nse", "http-vuln-cve2014-3704.nse", "http-vuln-cve2014-2129.nse", "http-vuln-cve2014-2128.nse", "http-vuln-cve2014-2127.nse", "http-vuln-cve2014-2126.nse", "http-vuln-cve2013-7091.nse", "http-vuln-cve2013-6786.nse", "http-vuln-cve2013-0156.nse", "http-vuln-cve2012-1823.nse", "http-vuln-cve2011-3368.nse", "http-vuln-cve2011-3192.nse", "http-vuln-cve2010-2861.nse", "http-vuln-cve2010-0738.nse", "http-vuln-cve2009-3960.nse", "http-vuln-cve2006-3392.nse", "http-vmware-path-vuln.nse", "http-virustotal.nse", "http-vhosts.nse", "http-userdir-enum.nse", "http-unsafe-output-escaping.nse", "http-trane-info.nse", "http-sitemap-generator.nse", "http-trace.nse", "http-tplink-dir-traversal.nse", "http-title.nse", "http-svn-info.nse", "http-svn-enum.nse", "http-stored-xss.nse", "http-traceroute.nse", "https-redirect.nse", "http-useragent-tester.nse", "http-sql-injection.nse", "http-slowloris-check.nse", "http-slowloris.nse", "http-headers.nse", "http-shellshock.nse", "http-server-header.nse", "http-security-headers.nse", "http-sap-netweaver-leak.nse", "http-robtex-shared-ns.nse", "http-robots.txt.nse", "http-rfi-spider.nse", "http-referer-checker.nse", "http-qnap-nas-info.nse", "http-put.nse", "http-proxy-brute.nse", "http-robtex-reverse-ip.nse", "http-phpself-xss.nse", "http-phpmyadmin-dir-traversal.nse", "http-passwd.nse", "http-open-redirect.nse", "http-open-proxy.nse", "http-ntlm-info.nse", "http-mobileversion-checker.nse", "http-method-tamper.nse", "http-methods.nse", "http-mcmp.nse", "http-malware-host.nse", "http-majordomo2-dir-traversal.nse", "http-ls.nse", "http-litespeed-sourcecode-download.nse", "http-joomla-brute.nse", "http-internal-ip-disclosure.nse", "http-jsonp-detection.nse", "http-iis-webdav-vuln.nse", "http-iis-short-name-brute.nse", "http-icloud-sendmsg.nse", "http-icloud-findmyiphone.nse", "http-hp-ilo-info.nse", "http-grep.nse", "http-google-malware.nse", "http-gitweb-projects-enum.nse", "http-git.nse", "http-generator.nse", "http-frontpage-login.nse", "http-form-fuzzer.nse", "http-form-brute.nse", "http-fileupload-exploiter.nse", "http-fetch.nse", "http-feed.nse", "hddtemp-info.nse", "http-favicon.nse", "ftp-anon.nse", "http-exif-spider.nse", "http-errors.nse", "http-enum.nse", "http-drupal-enum-users.nse", "http-huawei-hg5xx-vuln.nse", "http-drupal-enum.nse", "http-domino-enum-passwords.nse", "http-dombased-xss.nse", "http-dlink-backdoor.nse", "fingerprint-strings.nse", "http-devframework.nse", "http-default-accounts.nse", "http-date.nse", "http-csrf.nse", "http-cross-domain-policy.nse", "http-cors.nse", "http-cookie-flags.nse", "http-config-backup.nse", "http-comments-displayer.nse", "http-coldfusion-subzero.nse", "http-cisco-anyconnect.nse", "http-chrono.nse", "http-cakephp-version.nse", "http-brute.nse", "http-bigip-cookie.nse", "http-barracuda-dir-traversal.nse", "http-backup-finder.nse", "http-axis2-dir-traversal.nse", "http-awstatstotals-exec.nse", "http-avaya-ipoffice-users.nse", "http-auth-finder.nse", "http-auth.nse", "http-aspnet-debug.nse", "http-apache-server-status.nse", "http-apache-negotiation.nse", "http-affiliate-id.nse", "http-adobe-coldfusion-apsa1301.nse", "hostmap-robtex.nse", "hostmap-crtsh.nse", "hostmap-bfk.nse", "hnap-info.nse", "hbase-region-info.nse", "hbase-master-info.nse", "hadoop-tasktracker-info.nse", "hadoop-secondary-namenode-info.nse", "hadoop-namenode-info.nse", "hadoop-jobtracker-info.nse", "hadoop-datanode-info.nse", "gpsd-info.nse", "gopher-ls.nse", "gkrellm-info.nse", "giop-info.nse", "ganglia-info.nse", "ftp-vuln-cve2010-4221.nse", "ftp-vsftpd-backdoor.nse", "ftp-syst.nse", "ftp-proftpd-backdoor.nse", "ftp-libopie.nse", "ftp-brute.nse", "ftp-bounce.nse", "freelancer-info.nse", "fox-info.nse", "flume-master-info.nse", "firewall-bypass.nse", "firewalk.nse", "cups-queue-info.nse", "cics-info.nse", "finger.nse", "fcrdns.nse", "eppc-enum-processes.nse", "epmd-info.nse", "enip-info.nse", "eap-info.nse", "duplicates.nse", "drda-info.nse", "drda-brute.nse", "dpap-brute.nse", "domino-enum-users.nse", "domcon-cmd.nse", "domcon-brute.nse", "docker-version.nse", "dns-zone-transfer.nse", "dns-zeustracker.nse", "dns-update.nse", "dns-srv-enum.nse", "bjnp-discover.nse", "banner.nse", "dns-service-discovery.nse", "dns-recursion.nse", "dns-random-txid.nse", "auth-spoof.nse", "dns-random-srcport.nse", "dns-nsid.nse", "dns-nsec-enum.nse", "dns-nsec3-enum.nse", "dns-ip6-arpa-scan.nse", "dns-fuzz.nse", "dns-client-subnet-scan.nse", "dns-check-zone.nse", "dns-cache-snoop.nse", "dns-brute.nse", "dns-blacklist.nse", "distcc-cve2004-2687.nse", "dict-info.nse", "dicom-ping.nse", "dicom-brute.nse", "dhcp-discover.nse", "deluge-rpc-brute.nse", "db2-das-info.nse", "daytime.nse", "daap-get-library.nse", "cvs-brute-repository.nse", "cvs-brute.nse", "cups-info.nse", "creds-summary.nse", "couchdb-stats.nse", "couchdb-databases.nse", "coap-resources.nse", "clock-skew.nse", "clamav-exec.nse", "citrix-enum-servers-xml.nse", "citrix-enum-servers.nse", "citrix-enum-apps-xml.nse", "citrix-enum-apps.nse", "citrix-brute-xml.nse", "cics-user-enum.nse", "cics-user-brute.nse", "cics-enum.nse", "cccam-version.nse", "cassandra-info.nse", "cassandra-brute.nse", "broadcast-xdmcp-discover.nse", "broadcast-wsdd-discover.nse", "broadcast-wpad-discover.nse", "broadcast-wake-on-lan.nse", "broadcast-versant-locate.nse", "broadcast-upnp-info.nse", "broadcast-tellstick-discover.nse", "broadcast-sybase-asa-discover.nse", "broadcast-sonicwall-discover.nse", "broadcast-ripng-discover.nse", "broadcast-rip-discover.nse", "broadcast-pppoe-discover.nse", "broadcast-ping.nse", "broadcast-pim-discovery.nse", "broadcast-pc-duo.nse", "broadcast-pc-anywhere.nse", "broadcast-ospf2-discover.nse", "broadcast-novell-locate.nse", "broadcast-networker-discover.nse", "broadcast-netbios-master-browser.nse", "broadcast-ms-sql-discover.nse", "broadcast-listener.nse", "broadcast-jenkins-discover.nse", "ajp-headers.nse", "broadcast-hid-discoveryd.nse", "broadcast-eigrp-discovery.nse", "broadcast-dropbox-listener.nse", "broadcast-dns-service-discovery.nse", "broadcast-dhcp-discover.nse", "broadcast-dhcp6-discover.nse", "broadcast-db2-discover.nse", "broadcast-bjnp-discover.nse", "broadcast-avahi-dos.nse", "broadcast-ataoe-discover.nse", "bittorrent-discovery.nse", "bitcoinrpc-info.nse", "bitcoin-info.nse", "bitcoin-getaddr.nse", "bacnet-info.nse", "backorifice-info.nse", "backorifice-brute.nse", "auth-owners.nse", "asn-query.nse", "amqp-info.nse", "allseeingeye-info.nse", "ajp-request.nse", "ajp-methods.nse", "ajp-brute.nse", "ajp-auth.nse", "afp-showmount.nse", "afp-serverinfo.nse", "afp-path-vuln.nse", "afp-ls.nse", "afp-brute.nse", "address-info.nse", "acarsd-info.nse", "https://seclists.org/nmap-dev/2011/q4/420", "https://viz.greynoise.io/analysis/001f6d4e-555b-49d3-a714-e71deea739d0" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1127", "name": "Trusted Developer Utilities Proxy Execution", "display_name": "T1127 - Trusted Developer Utilities Proxy Execution" }, { "id": "T1110", "name": "Brute Force", "display_name": "T1110 - Brute Force" }, { "id": "T1222", "name": "File and Directory Permissions Modification", "display_name": "T1222 - File and Directory Permissions Modification" }, { "id": "T1134", "name": "Access Token Manipulation", "display_name": "T1134 - Access Token Manipulation" }, { "id": "T1547", "name": "Boot or Logon Autostart Execution", "display_name": "T1547 - Boot or Logon Autostart Execution" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1049", "name": "System Network Connections Discovery", "display_name": "T1049 - System Network Connections Discovery" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 107, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Disable_Duck", "id": "244325", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_244325/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 288, "FileHash-MD5": 52, "URL": 218, "hostname": 180, "email": 33, "CIDR": 14, "CVE": 76, "FileHash-SHA1": 48, "FileHash-SHA256": 841 }, "indicator_count": 1750, "is_author": false, "is_subscribing": null, "subscriber_count": 132, "modified_text": "675 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65d8ccb5b39c5a895bd0d7c2", "name": "More Certificates - A closer inspection of Accumulated Certs", "description": "An accumulation of Certificates from random places I find them - all from devices that have come into contact w. University of Alberta\nInteresting: https://www.trendmicro.com/en_us/research/21/i/analyzing-ssl-tls-certificates-used-by-malware.html", "modified": "2024-06-25T22:01:15.361000", "created": "2024-02-23T16:49:57.448000", "tags": [ "Certificates" ], "references": [ "https://www.virustotal.com/gui/collection/33a61b144ffdece76551464e76866ab59346f0fa3f1f97380b401c1ac3f0d305/summary", "https://www.virustotal.com/graph/embed/g157209fb9f6643a8bc819522fd9e644c70ae0f541aa347b4aa19b1636ee6d556?theme=dark", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/65d8c22c9a6367d4742ddd59", "https://www.virustotal.com/gui/collection/d6ec969e2e2b76f2bdb3b75595c50b9bfea53d730e2be98936896a3d110c3531", "https://www.virustotal.com/gui/collection/d6ec969e2e2b76f2bdb3b75595c50b9bfea53d730e2be98936896a3d110c3531/iocs", "https://www.proofpoint.com/us/blog/cloud-security/community-alert-ongoing-malicious-campaign-impacting-azure-cloud-environments", "https://www.virustotal.com/gui/collection/bd65940df2423788fcc8623495dfdafdfd4236d93533db0256db5ff4347b65f9/iocs", "https://www.virustotal.com/gui/collection/33a61b144ffdece76551464e76866ab59346f0fa3f1f97380b401c1ac3f0d305/iocs", "https://viz.greynoise.io/analysis/6d4e20f2-7e0c-4d31-83a6-f973343f4dd1", "https://viz.greynoise.io/analysis/5f89eddc-2668-47a2-8f6b-d4d81a31180c", "https://us-test-sandbox.recordedfuture.com/240617-g49essyaqa", "https://us-test-sandbox.recordedfuture.com/240617-h4dhsszdkg", "https://us-test-sandbox.recordedfuture.com/240617-h53t3stfmj", "https://us-test-sandbox.recordedfuture.com/240617-jak68azfqa", "https://us-test-sandbox.recordedfuture.com/240617-h73bbszepa", "https://tria.ge/240617-g49essyaqa/behavioral1", "https://www.virustotal.com/graph/embed/g5d8ecedaf40940ec8c84636da79426ec6a5f316d51874b499b47a02a8cef4a21?theme=dark" ], "public": 1, "adversary": "Unknown", "targeted_countries": [ "Canada", "United States of America", "Germany", "Netherlands", "United Kingdom of Great Britain and Northern Ireland" ], "malware_families": [], "attack_ids": [], "industries": [ "Education", "Technology", "Government", "Healthcare" ], "TLP": "white", "cloned_from": null, "export_count": 9, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 1, "follower_count": 0, "vote": 0, "author": { "username": "Disable_Duck", "id": "244325", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_244325/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 1431, "CIDR": 1, "FileHash-MD5": 777, "FileHash-SHA1": 750, "URL": 1647, "domain": 572, "hostname": 526 }, "indicator_count": 5704, "is_author": false, "is_subscribing": null, "subscriber_count": 136, "modified_text": "704 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "660ec2cd7185f30ee98e0406", "name": "TP-Link ER605 Firmware Image download", "description": "After downloading a new firmware image for my TPlink ER605 switch/vpn-router, and since TP-Link doesn't provide a checksum for it. I decided to hit it with binwalk out of curiosity since I've had multiple issues with it the past two years. Immediately binwalk had to /dev/null the /var directory and further it hit two ip's as exploit sources once uploaded to criminalip and otx so I decided to upload the entire squash-fs for posterity", "modified": "2024-05-04T06:04:15.503000", "created": "2024-04-04T15:10:05.285000", "tags": [ "binmount o", "syskerneldebug", "limit", "netmask", "broadcast", "network", "prefix", "argc", "start", "copyright", "etcpasswd", "failsafe", "login", "important", "binash", "sample", "attention", "maxfds1024", "etcfrr", "somename", "openwrt", "deviceproduct", "generic", "devicerevision", "dns server", "ipv6 prefix", "duid", "ipv6 address", "x5 x8", "xdxrn502j", "y1 y1s", "linkits7688d", "omega2p", "wrtnode2p", "s boot", "sample vpn", "olinux", "cnpeer name", "target", "change", "ldap", "text", "port", "priority", "a srv", "srv record", "ldap server", "dnssd", "ipsec", "yang xiaoqiang", "varlogwtmp", "unavailreturn", "distribid", "distribrelease", "barrier breaker", "distribrevision", "distribcodename", "distribtarget", "openwrt barrier", "breaker", "distribtaints", "overlay srcgz", "home", "etcbanner", "pathusrbin", "ps1u", "libmodules", "ulimit", "binmore", "usrbinvim", "kshversion", "etcmkshrc", "preinit", "pathbin", "ipv6", "protocol", "isis", "icmp", "cisco", "header", "skip", "path first", "internet", "iana", "devnull", "stop", "ipkginstroot", "allcommands", "term", "stop value", "sqlite", "dh exponent", "grep", "w processor", "begin", "fix bug129941", "xfrm", "ipsec tunnel", "bug97836", "cmdlistend", "bundle command", "cmdliststart", "list", "procname", "list procname", "zebra route", "frr support", "bgp support", "zebra support", "firewallrule", "firewallruleset", "httpport", "path wifidog", "redirectdomain", "clienttimeout", "public key", "info", "version", "node id", "menu", "wifidog", "status", "wifidog wifidog", "gnu gpl", "rt3x5x", "sbinswconfig", "power", "wifi", "ethernet", "wifi5g", "rssilow", "rssimedium", "rssihigh", "wan led", "devconsole cp", "conffiles", "file 99ensync", "abort", "ansert", "abort error", "atz say", "atcgmm", "atcgmr", "ok atcsq", "ok atcgmr", "ok atcgmi", "atgmm", "atgmr", "timeout", "abort busy", "carrier", "report connect", "ate1", "useapn", "dialnumber", "connect", "atcgmi", "ok atcgmm", "atgmi", "answer", "v1 e1", "d2 fclass0", "at ok", "abort no", "dialtone", "sierra wireless", "cdma", "sprint", "verizon", "dial tone", "certificate", "telnet 23", "http 80", "https 443", "ssh 22", "webtimeout", "010001", "admin", "airplay option", "afp option", "ftp option", "samba option", "scanners option", "ssh option", "lanv6", "brlan", "network1", "sigusr2", "passwordauth on", "port 22", "10000s", "12000s", "4000s", "6000s", "ikepro1", "modp1024", "ikepro2", "aes128", "ikeph1name", "ph2proposal1", "ph2proposal2", "ikeph2name", "combination", "ikev1", "google", "cloudflare", "cleanbrowsing", "quad9", "opendns", "quad91", "quad92", "ipaddresspurely", "fqdn", "peertopeer", "presharekey", "tplink", "wan1", "ipgroupany", "ipv6groupany", "roseville194", "openwrt system", "balance", "dhcpclient", "portal", "pppoeclient", "onlinedection", "auto", "flashkeep", "etcopenvpn", "etcconfig", "etcdropbear", "global", "natlanwan1", "accept option", "accept", "drop", "reject", "reject option", "ipv6 icmp", "sections", "wan2", "0000", "usb0", "password", "eth1", "wan1eth", "wan1poe", "wan2eth", "wan2poe", "wan3eth", "wan3poe", "wan4eth", "wan4poe", "4094409340920", "onlinecheck", "openvpn", "ip address", "openvpn server", "windows", "remember", "common name", "generate", "etcopenvpnccd", "thelonious", "silence", "push", "first", "advertisecfg", "ospfcfg", "dslite", "pppoeshare", "wan1v6", "wan2v6", "wan3v6", "wan4v6", "static", "dynamic", "radvdinterface", "advmanagedflag", "advsendadvert", "advrouteraddr", "advautonomous", "advonlink", "ssh config", "http list", "https list", "telnet list", "http", "telnet", "https", "tcpudp", "2121", "2222", "2323", "smtp", "2525", "5353", "pop3", "partitionuuid1", "16043212800", "devsda1", "partitionuuid2", "devsda2", "udp161 option", "er605", "vpn router", "maximum number", "http listen", "https listen", "server document", "rfc1918 ip", "dns rebinding", "tcp connection", "akroniteshare", "account", "4094", "switch0", "vlan1", "vlan4094", "vlan0", "vwan", "veth1", "1024", "gmt0800", "ledsys", "switchled1", "switchled2", "switchled3", "switchled4", "switchled5", "modem", "options", "devnull p", "name", "match", "pkix", "randfile", "cadefault", "ca certificate", "sha256", "t61string", "bmpstring", "utf8strings", "mask", "import", "easyrsa", "keydir", "openvpn package", "openssl", "pkcs11tool", "keyconfig", "easyrsakeys", "issue rm", "pkcs11", "scdftprof1m", "setapn", "setuser", "setpass", "setauth", "atcgdcont1", "qcpdpp1", "scact11m", "paul hardwick", "paul", "empty input", "command", "error", "atcops", "atcops10m", "atcops12m", "atim", "atcreg2m", "atcgreg2m", "atcgeqneg1m", "atcreg", "atcgreg", "atndisdup11", "atcgatt", "1 goto", "wwan error", "useauth", "useuser", "usepass", "qcpdpp3", "atcfun1m", "atcgdcont3", "scact13m", "scact03m", "wwan connection", "atcimim", "atcpin", "sim puk", "sim pin", "ready", "atcsqm", "atmode", "atband", "atcsnr", "atsysinfoexm", "atsyscfgex", "atsyscfg", "atsysinfom", "atltersrp", "atcnumm", "busy", "errorn", "atcops0m", "mccmnc", "atcops12", "atcmd", "atq0 v1", "e1 s00", "e1 z", "atcmgf1m", "atcmgf0m", "wwan mode", "mode", "atzpas", "atzrssim", "atzrssi", "atzsnt", "pincode", "sim readyn", "sim pin2", "pinn", "gstatus", "selrat", "car0", "atcnti0m", "atecio", "atrscp", "umtschan", "atcommandn", "atcommand", "atcmgs", "action", "delete", "wanmod", "acldeleterule", "acladdrule", "ipgrouplan", "i actiondelete", "hplog", "hotplog", "hotplog fi", "deleterule", "addrule", "natlan", "qosdeleterule", "interface", "devconsole uci", "devconsole", "wanhook", "onlinedelzone", "onlineaddzone", "shenzhen tplink", "create", "delayreboot", "vpn hook", "devconsole echo", "reboot delayed", "no vpn", "hook event", "return", "pppdconfigpath", "ifname", "grep q", "pppdtype", "pppdusername", "pppdpid", "ipremote", "iplocal", "tmpl2tp", "vpnfwmark", "vpnforwardtable", "t mangle", "chain", "m comment", "connmark", "mark", "device", "actionifup", "actionifdown", "exit", "routetableid", "cachetableid", "gateway", "yuan fengjia", "grep w", "not response", "check if", "interface init", "thus", "phddnsready", "phddns", "devconsole exit", "cmxddnsready", "cmxddns", "natready", "qosdeleteiface", "vnetlibdir", "procnumber", "w arpreq", "v grep", "procnumber le", "deviced", "ifnamefile", "zone", "ipv6addr", "ipv6addrlen", "delaycommit", "hotplugtypevnet", "zaction", "prerouting i", "dnat", "p tcp", "p udp", "q delete", "interface uci", "dhcpsconfigfile", "dhcpslibdir", "urlprefix", "device uci", "w nvl", "w nl", "vlan", "vlan fi", "usb auto", "scan", "devicename", "er605v2 usb", "no need", "omada gateway", "specialid", "usb modem", "1usb modem", "devconsole fi", "nat elif", "clean", "module", "napt", "snetmaskg", "snetworkg", "j masquerade", "masquerade", "hwnat", "x usrsbinxfwdm", "xfwdm f", "systemparams", "config", "l2tpname", "l2tpisserver", "l2tpmark", "l2tppppdpid", "l2tpaction", "l2tpremoteip", "q get", "6 route", "interface proto", "v6wan", "interface03", "t ifup", "skip interface", "devconsole res", "setup", "zonegetzonebyif", "imbprefix", "ipprefix", "usrsbinddns", "dyndns", "noip", "interface04", "interrface", "bridge", "m tcp", "j accept", "number", "shift", "ifup", "action ready", "lockfile", "ospfpipewrite", "ospfpiperead", "ospfpiperead fi", "lockfile fi", "zhu xianfeng", "params miss", "m multiport", "usbifs", "managedevschain", "zte tele2", "usbifname p", "modemlib", "firmware", "firmware bs1", "inicmacaddr", "please", "dts file", "tmpfileport", "checkports", "v6ports", "j v6plusoutput", "d zonewannat", "i zonewannat", "f v6plusoutput", "i v6plusoutput", "inputgrep", "input accept", "outputgrep", "output accept", "add filter", "forwardgrep", "forward accept", "confif2", "brif", "option", "option bindif", "rundir runfile", "confif1 confif2", "brif action", "addbr", "updbr", "delbr", "option zone", "ifpong", "where interface", "set interface", "update", "rundir", "runfile", "t backup", "p notice", "t fault", "ipt n", "ipt a", "ipt s", "prerouting grep", "tpsrhook", "tpsrposthook", "cut d", "ipt i", "prerouting", "tmpaccessctl", "varconffilepath", "conffilepath", "options fi", "tmpcrontabtmp", "binsh", "start80 start", "start99 start", "cmxddnxrule", "stop98", "e sbiniscal", "tmp insmod", "tmprsacheck", "pass", "ipt f", "ipt x", "start96 ipt", "ipt d", "prerouting j", "n1 ve", "etcdhcp6cctlkey", "duidll", "rfc3315", "x0ax00", "x00x03x00x06x", "using mac", "using user", "etcdhcp6sctlkey", "invalid proto", "usrsbindhcp6s c", "usrsbindhcp6s", "d tmproot", "filddpirunning", "usrlib", "dpimodule", "filepidpath", "start99", "nete", "vnl forward", "dpirestriction", "vardir", "pidvar", "confvar", "v grepawk", "etcdir", "confback", "cabundlepath", "bannerfile", "pidcount", "prog", "kill", "md5sum", "passwordauth", "configfile", "hostfile", "debugfile", "domain", "dfconfigfile", "dnsservers", "configfile fi", "xappend", "etccrontabsroot", "rulelibdir", "p varspoolcron", "s etccrontabs", "c etccrontabs", "start40 start", "usrsharextgeoip", "start20 stop91", "c etcgeoip", "s etcgeoipbe", "s etcgeoiple", "start71 stop71", "start97", "h webserverwww", "servicepidfile", "start95 start", "conffile", "lockfd", "prerouting p", "vnetconffile", "init process", "pidf", "rund", "detectdir", "backuplist", "gao jie", "start98 start", "p output", "start99 stop90", "input drop", "p forward", "etcconfigipstat", "usrsbinipstat", "sysclassleds", "brightness", "e sysclassleds", "usblteled", "usbstorageled", "check fan", "fannormalled", "fanerrorled", "devnull ps", "rf tmpl2tp", "i fi", "loadbalancepre", "usrsbinlldpd", "openwrt release", "sysclassnet", "groupadd", "p varrunlldp", "varrunlldp", "chen chen", "zhangzhongwei", "reorganize", "start46", "option ifname", "enable", "note", "varrun", "ndppdconffile", "usrsbinndppd p", "ndppdconffile d", "nginxbin s", "p varlognginx", "p varlibnginx", "procmeminfo", "memtotal", "nginxbin", "start68 start", "jophilipp wich", "gnu general", "public license", "see license", "start90 stop10", "extracommands", "openvpnsecrets", "phddnsinit", "prerouting m", "input m", "reject vnete", "vme dst", "j drop", "redirect", "start50 stop26", "bin rundvarrun", "vpnserverconfig", "default", "default mkdir", "start50 start", "radvdconfigfile", "radvdinterfaces", "langc", "afaf09", "base6interface", "getip6addr", "start22 start", "start97 start", "the author", "config sfe", "software is", "provided", "as is", "disclaims all", "warranties", "with regard", "direct", "runc", "runc configget", "libd", "logd", "rundvarrun pidf", "runc configload", "routenum", "rtnetlink", "existret", "routenum fi", "routestatefile", "e procnanduid", "procnanduid", "tmpspideviceid", "grep v", "rebootschedule", "tmptz", "sysparams", "fang zhao", "start21 tddpbin", "tddpbin", "libvnet", "uhttpdkey", "uhttpdcert", "uhttpdbin", "px5gbin", "uhttpdcert rm", "tmpuserconfig", "check", "tslibdirsettime", "start96 boot", "usrsbinupnpd", "urllibdir", "modemstorage", "p tmpmodem", "storagemodem", "usb modemusb", "start80 stop", "usrsbinusbmuxd", "vnet", "start70 debug", "tmppassword1", "f tmppassword", "f tmppassword1", "extrahelp", "print", "start91 start", "wanconfig", "vpnclientconfig", "start25 stop25", "zoneconfbuild", "wanmax", "zydas zd1211rw", "wlan usb", "variant", "option hso", "messagecontent", "option gi0643", "xyfi", "standardeject1", "configuration2", "netgear", "kobil midentity", "kobilmode1", "mobile action", "smart cable", "mediatek wimax", "usb card", "blackberry q10", "sony ericsson", "gw d301", "advinne amc", "configuration3", "c100", "c120", "c170", "c270", "c3xx", "needresponse1", "hummer dtm5731", "aircard", "alegro", "starcomms", "alcatel otx080c", "etcom e300", "haier evdo", "alcatel x602d", "archos g9", "alcatel otx220d", "alcatel ot", "prolink pcm100", "bsnl capitel", "explay slim", "telewell tw3g", "hspa", "fs01bu", "smartbro wm66e", "alcatel", "touch x020", "tu930", "ivio iv2010u", "vibe", "emobile d12lc", "mywave sw006", "emobile d21lc", "techfaith bsnl", "aiko", "qisda h21", "flying beetle", "qisdamode1", "wisue w340", "solomon s3gm660", "philips picopix", "option icon", "prolink phs100", "ph300", "hyundai mb810", "alink", "airplus mcd800", "onda mv815u", "onda mdc655", "onda mw833up", "mw835up", "onda mo835up", "onda mw836upk", "onda mw875up", "onda msa", "tim brasil", "onda tm201", "tim italy", "onda wm301", "cricket a600", "u210", "hp laserjet", "io data", "wmx2u wimax", "nexperia tm", "tdscdma", "samsung gtb1110", "samsung gtb3730", "samsung u209", "sunplus techn", "axesstel modems", "targetvendor", "anydata", "bless uc165", "celot k300", "techfaith venus", "celot ct680", "quirky option", "samsung sghz810", "prolink p2000", "vertex wireless", "various usb", "dlink dwm162u5", "dwm162 c1", "micromax mmx", "anydata ape540h", "tl131 tdlte", "siptune lm75", "linuxmodem", "qtronix evdo", "tianyi", "dlink dwm156", "hsupa", "rndis", "pantech lte", "huawei e173s", "huawei gp02", "e587 variant", "huawei e173", "moviestar", "huaweinewmode1", "huawei et302", "huawei et8282", "huawei et127", "huaweimode1", "huawei e353", "vodafone", "huawei kxxxx", "huawei k4203", "huawei e5377", "kddi", "huawei", "hwd12 lte", "huawei k3773", "vodafone k4305", "vodafone k5150", "vodafone k4201", "vodafone k4202", "vodafone k4606", "viettel", "huawei e173u2", "huawei k3770", "huawei e352", "huawei e3131", "huawei e3372", "huawei e3531", "huawei u7510", "u7517", "huawei e392u12", "e3131", "huawei e171", "huawei e3331", "huawei bm358", "huawei e169", "huawei e220", "e230", "e270", "huawei v725", "phone", "huawei ets1201", "huawei u8220", "tmobile pulse", "huawei u8110", "android sdk", "huawei ec168", "huawei e180", "huawei ec156", "huawei e372u8", "huawei k3765", "huawei k4505", "huawei r201", "huawei k3772", "huawei e1553", "huawei r215", "huawei w5101", "huawei u2800", "china telecom", "cdu680", "cnu680", "chu629s", "huawei generic", "linux", "cgu628", "cgu628a", "xs stick", "zte mu351", "zte ac581", "zte mf110", "zte mf112", "zte mf637", "orange france", "zte mf651", "ztet a356", "zte mf652", "zte mf190", "zte mf656a", "mf668a", "zte mf820", "zte a371b", "onda mt8205", "zte mf821d", "zte mf821dmf826", "zte mf90", "mobile hotspot", "telewell twlte", "vodafone k5006z", "mf821", "k5008z", "mf823", "vodafone k4607z", "zte k3770z", "zte mf691", "tmobile rocket", "zte mf192", "zte mf195", "zte mf668", "zte mf680", "zte mfxxx", "zte mf825a", "zte mf730", "zte mf591", "zte mf196", "zte mf190j", "zte mf710m", "zte mf60", "zte ax226", "zte ac682", "cricket a605", "zte generic", "uncomment", "intex", "tlaytech teu800", "strongrising", "china telcom", "air flexinet", "tata photon", "titan", "avm fritz", "stick n", "utstarcom um175", "alltel", "pantech", "pantech uml290", "option beemo", "p4200 lte", "hisense e910", "evdo phone", "sqn1210sqn1220", "sequansmode1", "motorola", "wlan", "tergusb3e", "joa telecom", "beceem bcsm250", "haier ce682", "evdo", "messagecontent2", "haier ce", "zoom", "intex speed", "bsnl teracom", "visiontek", "teracom lw272", "unknown", "quanta muq101", "message", "quanta", "yota router", "quantamode1", "speedup su8500u", "nokia cs10", "nokia cs11", "nokia cs19", "nokia cs15", "nokia cs12", "nokia cs17", "nokia cs18", "nokia cs7m01", "nokia cs21m02", "philips", "vodafone md950", "dragonfly", "kyocera w06k", "cdma modem", "hspa modem", "targetproduct", "toshiba g450", "lg vl600", "lg l02c", "lg sd711", "lg l08c", "ntt docomo", "lg hdm2100", "lg l05a", "lg luu2100ti", "t usbconnect", "turbo", "lg l07a", "lg ldu1900d", "lg luu2110ti", "lg ad600", "lg l03d", "huawei e630", "sagem f", "gctmode1", "sierra", "digicom", "pirelli", "experimental", "cisco am10", "valet connector", "novatel mc990d", "novatel mc996d", "novatel u760", "novatel mc760", "mifi", "novatel generic", "novatel mifi", "mc545 hspa", "u679 lte", "amoi h01", "amoi h02", "axesstel mu130", "dlink dwm157", "dlink dwm221", "messagecontent3", "dwp157 b1", "dlink dwm167", "dlink dwm158", "dlink dwr510", "mediatek mt6229", "olicard", "speedup su8000", "speedup su8000u", "changhong ch690", "dlink dwm163", "dwm168", "telenet", "w wu160", "viettel vt100", "tplink ma180", "tplink ma260", "exiss mobile", "e190 series", "cmotech", "xtcomment xtlog", "xtdscp xtlength", "xtecn xthl", "xtnat nfnatipv4", "querystring", "requestmethod", "contenttype", "contentlength", "scriptname", "requesturi", "documenturi", "documentroot", "serverprotocol", "requestscheme", "byelorussian", "a3 b8", "a4 ba", "a6 b3", "a7 bf", "ad b4", "ae a2", "b0 b0", "b3 a8", "yo b4", "apache", "weixin", "luci", "fastcgi", "sslv2 sslv3", "tlsv1", "high", "ssl1m", "e2809a", "e2809e", "e280a6", "e280a0", "e280a1", "e282ac", "e280b0", "e28098", "e28099", "e280a2", "c2a0", "c2b7", "a3 d191", "a4 d194", "a6 d196", "a7 d197", "ad d291", "private key", "vendor asnet", "attribute", "asnet attribute", "speedup", "asnet", "server secret", "microsoft", "values value", "mschapresponse", "mschaperror", "mschapcpw1", "mschapcpw2", "mschaplmencpw", "mschapntencpw", "plural", "value", "value authtype", "roaringpenguin", "cistronradiusd", "local", "translations", "valid", "example", "attribute value", "interfacemode", "wirelesshost", "wizard", "systemmode", "interfacemac", "wirelessmac", "timemngt", "service", "10000", "4096", "factory", "framedprotocol", "alive", "merit", "merit extension", "value sipmethod", "invite", "cancel", "obsolete", "move", "include", "vjtcpip", "shelluser", "unix", "radius", "radius server", "general", "radius client", "server name", "clientserver", "ascend", "jens glaser", "euraw", "euui", "comb", "frcir", "frdirectno", "frdirectyes", "type", "button", "pidfile", "seen", "usrbinlogsave", "rfkillstate1", "bseoe6fuwg", "amvzwg", "kwbqbm0", "qrbdj3nghvdjigc", "ihnzbm8m9yop5w", "okue6n36b9k", "tppdpfquww", "drw5visp", "ubkwb1whnw0a", "efcmq", "root ca", "traditional pem", "authority", "global root", "root", "ecc root", "bwme", "gts root", "sectigo public", "premium", "whether", "netlink message", "buffer size", "netlink", "pagesize", "firewall mark", "netlink route", "netlink xfrm", "ike xfrm", "attr", "engine id", "openssl plugin", "set openssl", "fips mode", "suite b", "file", "rngstrong class", "rngtrue class", "listen", "set source", "ipv4", "analyze", "treat", "socket", "disable charon", "configuration", "loglevel", "ikesa", "identifier", "ikesas", "ike daemon", "id payload", "childsa", "install", "path", "rsa private", "t timer", "active", "reset", "expire", "accesscontrol", "tmnglog", "rest", "reset event", "etcconfigfstab", "moving root", "hexdump e", "q batch", "eof exit", "thu oct", "fri oct", "in dnskey", "internet domain", "bind domain", "internic", "in ns", "by verisign", "by ripe", "by icann", "by wide", "huawei 0004", "huawei 0003", "huawei 0005", "huawei 0001", "zte 0001", "zte 0002", "zte 0003", "zte 0004", "huawei 0002", "versalink", "configname", "rulename", "zonenumber", "targetname", "require", "l accessctl", "lan2lan", "position", "aclkeys", "zonein", "ucir", "zonedict", "zonenoin", "acllog", "1acl", "come in", "oldifs", "configtype", "section", "fwlibdir", "fwacllibdir", "m udp", "sectionname", "zonesnil", "srcnetwork", "ctmarkshift", "ctmarkrelated", "ctmarknewbit", "ctmarkinvalid", "ctmarkdef", "ctmarknew", "name fi", "1acl j", "icmpall", "huang zhenwei", "adlibdir", "adinitialized", "noexport", "stretz", "configappend1", "configappend", "function", "output", "iface", "line", "setname", "m set", "input", "v incomplete", "v address", "tmparplist1", "procuptime", "routingmode", "routingmode1", "devnull uci", "timer", "rtfile", "rtret", "rtfile f", "rtflag", "n awk", "grep g", "h grep", "rtflag fi", "baifacefile", "bastatefile", "srcurid", "srinfaceid", "bastatedir", "baifacedir", "srdir", "srinfaceid grep", "retfile", "xujun", "invalid option", "invalid func", "usrsbinarpreq", "clicfgpath", "tmpaccessconfig", "cfgpath", "gettimerange", "getifall", "getif", "lanlan", "success", "failed", "result", "setlocalaccount", "getlanlist", "getipgroup", "accesslistnum", "servicetype", "ruleid", "getindex", "tonumber", "currenttime", "februarynum", "smallfebdaymax", "bigfebdaymax", "timezone", "date", "keyname", "interfaceerror", "assert", "tagtype", "setdesc", "submask", "para", "ipv4address", "ipv4netwknum", "insert", "copy", "ipsecfailstatus", "checkexist", "ipaddress", "optionname", "encmode1", "fail", "responder", "portid", "data", "mirrorport", "portend", "sourceport", "naterror", "natsuccess end", "natprompt", "prompt", "natdata", "selectedname", "portstart", "istart", "routingerror", "adddata", "index", "routingsuccess", "crud error", "ospfinterface", "ospf", "ospfretre", "ospfautotypemd5", "simple", "vlan type", "down", "wanport", "primary ip", "proto", "ipaddrbits", "ripv1", "duplex", "flowctrl", "activemedium", "linkup", "setsnmpv1v2", "snmpv3en", "username", "contact", "setsshserver", "equal", "time settings", "weekday1", "sectimenumhour", "timeslicepoint", "entryname", "calendar", "vlanfailstatus", "vconfig", "vlanform", "vlan id", "address", "optional", "time", "settings", "please enter", "comment", "telecom", "upgrade", "reboot", "refresh", "defense", "code", "tokyo", "armenia", "panama", "jakarta", "back", "next", "tips", "class", "flood", "flash", "speed", "download", "lockout", "belarus", "indonesia", "mexico", "paraguay", "philippines", "ukraine", "uruguay", "facebook", "middle", "bind", "tools", "period", "media", "ping", "death", "stream", "enterprise", "live", "maha", "mais", "adduser", "never", "format", "trace", "clock", "alma", "third", "multi", "little", "critical", "done", "false", "mainserver", "execution", "keepalive", "package", "uciconfigdir", "sbinuci", "configsection", "120m", "ippool", "config dnsmasq", "directoryd", "type1", "type28", "f2cut d", "xargs", "g nogroup", "ctlcmd c", "vardir cp", "switch", "fdlibdir", "fdinitialized", "j dosdefense", "j dosdrop", "t raw", "all fin", "forward", "j zone", "mssfix", "forward j", "input j", "output j", "accept accept", "drop drop", "need v6", "fwinitialized", "libnetwork", "i restarton", "t firewall", "snat", "dnated traffic", "sbinifconfig", "notrack", "notrack rule", "j return", "j connextmark", "a sfemark", "a hwnatmark", "a prerouting", "j extmark", "export", "fwicmp4types", "fwicmp6types", "fwruleofs", "fwzones4", "fwzones6", "stretz export", "fwaerror0", "m mac", "sadd", "sdel", "a flooddefense", "m conntrack", "new j", "extmark", "m extmark", "connextmark", "c tmp", "i prerouting", "d forwardauth", "s usr1", "xargs kill", "loadrule", "j freestrategy", "luo pei", "free", "pistacklist", "kernelvermajor", "part", "piran", "awk f", "o noatime", "n pihooksplice1", "networkifstatus", "addr", "ipv4 address", "ipv4 subnet", "servicesig", "exec", "servicewritepid", "args", "serviceusepid", "servicedebug", "servicequiet", "servicesigstop", "procdsetparam", "procdkill", "script", "complete", "procdcall", "procdwrapper", "procdubuscall", "saved", "strtype", "parentdir", "ramfsdirs", "file strlen", "strlen1", "strlen", "cfgsync", "prefixdevmtd", "d devmtd", "ne x", "configsections", "lock", "etcgroup", "tunnelname", "wanname", "tunnelname p", "greservicerule", "j ct", "j snat", "plutoverb", "plutoconnection", "exist anete", "include zone", "ripaddr", "effde", "effif", "imbprocfile", "tmpstateimb", "ifip", "imblibdir", "imbinitialized", "zones", "n members", "move handling", "i actionupdate", "me hash", "me zonelist", "ipgrplibdir", "me set", "processfailover", "autofailback", "failoverpids", "autopids", "onlinezones", "j connmark", "input p", "myecho", "usrsbintmngtd", "domainspecial", "dnsq", "oldaddr", "usage exit", "invalid command", "ipsecsection", "checking", "connectionname", "etcconfigipsec", "chen xing", "algorithm", "ipsecweblock", "remotenetwork", "j dnat", "c vpnpre", "chenxing", "targetchain", "nfqueue", "tmplogvnetclog", "vnetcexecinvnet", "wanpassthrough", "wantype", "lanpassthrough", "lantype", "ttadvrouteraddr", "wang wenjing", "ipv6grplibdir", "tmpipv6loggg", "aawk v", "xl2tp", "sname", "xname", "devnull fi", "32 fi", "ikeph1", "dut init", "plutopeer", "plutomarkout", "plutouniqueid", "devconsole kill", "l2tpcdistribute", "mtu1300", "loadglobal", "xl2tpd", "killxl2tpd", "search", "nettimeout", "configdir", "nettimeout3", "tlsreqcert", "allowg", "pptpconfigfile", "l2tpconfigfile", "usage", "rstart", "sessiontimeout", "ldapquery", "mediatek mt7621", "ramipsmodel", "snor", "zyxel keenetic", "ramipsboardname", "all0256n", "asl26555", "awm002 evb", "f5d8235", "nand", "omni", "mkdir", "luopei create", "o veth1", "mflibdir", "mfinitialized", "macgrplibdir", "backup", "blank", "pwr1", "pwr2", "tmpfanstate fi", "er8411", "tmpfanspeed", "modvpn", "natlogprint", "rewrite", "root chain", "modules chain", "modone", "moddmz", "rules", "build filter", "dnat j", "naptdevicechain", "naptdevicemark", "naptdevicecache", "modpt", "validptifaces", "j trigger", "port triggering", "return fi", "modvs", "loopback snat", "32 p", "natprint", "natfd", "wc l", "natready flock", "natlogfile", "natlogdir", "natlibdir", "nattmpdir", "natlogenable", "natlogfile fi", "natdebug", "natwritefile", "modnapt", "determine", "includeonly", "nowanlink", "missingaddress", "zone6rd", "hardversion", "iface6rd", "e usrsbinallifs", "usrsbinallifs", "sigusr1", "l sigusr1", "nodevice", "f sysclasstty", "noifname", "baddevice", "pinfailed", "logprotosetup", "loggetsignal", "getinfofailed", "logprotoinit", "control device", "no apn", "noapn", "devconsole eval", "usrsbindhcp6c", "authfailed", "invalidoptions", "l sigterm", "getmacaddrerror", "geteuiiderror", "nowanaddress", "logmoduleipv6", "logipv66to4up", "v zone", "jsongetvar", "usrsbinpppd", "etcpppfilter", "interval5", "usrsbinxl2tpd", "could", "lcp term", "stdout", "aftrname", "stdoutdevnull", "dnssnd", "stdout mtu65000", "rssi", "dhcppidfile", "x v6plusoutput", "6 tunnel", "legacy1", "invalidprefix", "promisc", "oifs", "xprefixlen", "todo", "preconfig", "xifname", "xipaddr", "netifdmaindir", "wdevnotifyinit", "wirelesssetup", "wirelesssetdata", "ccmp tkip", "ccmp", "tkip", "wiface setup", "device setup", "protoprefix6", "protokeep", "protonestedopen", "protodns", "protodnssearch", "protoipaddr", "protoip6addr", "protoroute", "protoroute6", "pppipparam", "dns1", "dns2", "lllocal", "llremote", "state", "logipv6dhcp6cup", "procnetifinet6", "size", "aftrname echo", "svar", "random", "dhcppidfilehgw", "d forward", "dhcpscript", "ifnamendiscmbit", "slaac", "lanphyportset", "lanportset", "lan2", "lan3", "lan4", "wanportset", "wanphyportset", "cpu phy", "s call", "onlinestatefile", "onlinedevfile", "onlinestatedir", "onlineblockfile", "omada", "onlinemodeid", "link backup", "dowmlogid", "ubusobject", "remoteip", "localdevnet", "vpnrulenum", "virtual", "openvpnfwmark", "reply m", "remtoeip", "devname", "actualip", "configfilename", "zonewanopenvpn", "vlocalip", "vpnrulenum fi", "vremoteip", "echo", "unknown option", "i nobindd", "i locald", "publicdnsserver", "usrsbinopenvpn", "tmpopenvpnpwd", "authretryd", "i proto", "chroot", "sectionname wan", "devconsole fw", "sectionname dev", "author", "secname", "interface flag0", "4 route", "tpprconnected", "t grep", "tmppolicyroute", "l2tp", "pptp", "configptah", "killpptpd", "echoinfo", "pppoxpptptype", "pppoxpath", "pppoxl2tptype", "v wan", "serverpath", "loadoneuser", "tmppppoxpptp", "beginloaduser", "endloaduser", "usertypematch1", "profile", "serveron", "serveron pns", "pppoxpppoetype", "loadonepppoe", "deladd", "isexist", "configmyconfig", "q tmppptp", "tmppptpserver", "i snoccp", "usepeerdns", "persist", "plugin", "zonex", "maxfail", "sigchild", "mgrfather", "mt7620", "board", "hexdump", "checksum", "jffs2 partition", "wnce2001", "signature", "asus rtn56u", "preinitn", "initramfs", "boothookadd", "failsafetrue", "press", "int trap", "usr1", "tmpdebuglevel", "failsafe grep", "q failsafe", "proccmdline", "please reboot", "procnetdev", "doing openwrt", "libsh", "qosready", "thismodule", "qosconfigdir", "qosuci", "qoslogprint", "qoslibdir", "qostmpdir", "qostmpdirready", "moduleuci", "styperule", "idxv4", "idxv6", "qosfile", "qosrulechain", "qoschain", "qosfileip4", "qosfileip6", "qosret", "if iface", "uci grep", "stypeiface", "qosmarkbitstart", "qosmarkbitlen2", "qosgmarkmask", "qosmarkmask", "qostcidfile", "tcidbase", "tcidspec", "qoswritefile", "qosinfoprint", "qoserror", "incqoscid", "tcidmax", "spec", "qospollingfile", "deal", "qosthreshold gt", "qosthreshold eq", "qosgrpmarkfile", "grpmarkbitbase", "grpmarkspec", "incqosgrpmark", "grpmarkbase", "insertrule", "qoswritelog", "iptprefix", "iptprefix nvl", "e 1d", "iptprefix l", "iptprefix n", "iptprefix a", "qosret 0", "qosstate", "qosconfiger", "wanall", "snameglobal", "ifacelist", "ruleoptlist", "stopflag", "stub", "qosmarkfile", "markspec", "markbitbase", "markbase", "incqosmark", "m mark", "o get", "zonelist", "wan3", "wan4", "linerate", "qosstatefile", "qosrulespec", "incqosstate", "lannetdev", "grplist", "tttt", "forward vn", "tc qdisc", "tc class", "r2qhtb", "filest", "qdiscl", "defaulthdl", "tc p", "this", "rmchain", "serverports", "rejectports", "m vlan", "routestatedir", "src6", "dst6", "exist", "servicelibdir", "ipset", "j reject", "m tpconnlimit", "restart", "t mirror", "egress", "maxportnum", "s state", "m mode", "p mirrorport", "m ingress", "maxportnum1", "s17p1statusreg", "led bling", "ar8337portsmax1", "portvlanmax", "memeber", "null", "p portsid", "o flush", "rxnormal", "rxall", "flush", "maxportnum5", "t pvlan", "portvidmem", "cpu port", "port vlan", "v vid", "s17phycontrol", "t para", "10mh", "100mf 1000mf", "check rsa", "flowlinken reg", "full", "half", "multicast", "mbps", "rate", "t control", "ingress", "i istate", "m imode", "mirror state", "10mh 10mf", "100mh 100mf", "1000mf", "f flowcontrol", "r irate", "rtl8367sled0reg", "rtl8367sled1reg", "sfp2", "maxportnum11", "sfp0", "sfp1", "uciconfigdir cd", "macflowa", "macflowon", "macflow0", "macflowoff", "wan port", "swconfig", "unicast", "write address", "vlanid", "tbopwrite", "tbtargetcvlan", "write command", "port4control", "port5control", "port3control", "port0control", "port1", "tmplanmac", "mac learning", "lan port", "port1control", "port2control", "mirror mode", "phycontrolreg", "txall", "mt7530", "tlwvr458l", "lanport", "lanend1", "maxportnum fi", "cpuport", "vlanidx", "cpuport1", "0x0de0", "msb bit01", "enable reg", "ifg reg", "phyresolvedreg", "tmpcfg", "realtek", "wvr458war458", "phy index", "copyight", "yuanfengjia", "ceate", "timeobjadd", "timeobjdelete", "etcprofile", "montbl", "tblstartmonth", "weekdaytbl", "yeardaytbl", "startweekday", "tblstartcount", "tblstartweekday", "d etcnixio", "invalid image", "argv", "sysupgrade", "devwatchdog", "ciubipart", "cikernpart", "remove volume", "n troot", "wc c", "n kernel", "n rootfsdata", "kernel", "ramrootlib64", "conftar", "ramroot", "binmount", "bindd", "proc", "modupnp", "ucitmppath", "ucitmpconfig", "ucitmpupuppath", "upnplanchain", "upnplock", "l urlfilter", "tmpcon", "original p", "m urlsetmatch", "url j", "m urldnsmatch", "a urlfilter", "websec", "zoneapireturn", "zonefilelock", "vneton", "logconsole", "vnetbootingy", "loadavvlan", "ipv6addr fi", "ipv6addrlen fi", "loadunload", "loadainterface", "cleanainterface", "vnetiflock", "vnetlock", "vifname", "ipv6prefixlen", "vipaddr", "vnetmask", "vipaddr6", "vprefixlen6", "t filter", "buildainterface", "cleanazone", "i forward", "a webfilter", "l webfilter", "a websec", "sec j", "j websec", "f websec", "ipt t", "tmpwebsecurity", "l websec", "fileexts", "allowip", "wireguardfwmark", "listenport", "ifname p", "method", "nvl inputrule", "nginxconf", "wifidogconf", "lan1", "liwei mkdir", "ruleknownip", "ruleknownmac", "ruleknownipmac", "ruleremind", "ruleremindmac", "ruleremindipmac", "ipsetlimit", "ipsetlimitip", "zonestart", "zonestop", "zonerestart", "get vpn", "get effect", "get normal", "normal", "groupvzones", "groupzones", "wanw", "zonevgname", "zonecreategroup", "configvpniface", "zonestateconfig", "vpn iface", "newmac", "newmac yes", "yes1", "current mac", "overwrite", "converthex", "new mac", "write", "eeprom", "hotplugtype", "path logname", "user export", "devpath", "ifdown", "ev wan", "s list", "brightness exit", "head", "tmplog", "tmplog fi", "devmtdblock", "reloading", "md5file", "md5file rm", "gmac", "updates", "overlay tar", "kill runramfs", "volatile", "snapshot", "verbose", "confrestore", "tarv", "confbackup", "confimage", "needimage1", "needimage", "meta", "drivers", "devices", "type case", "devices drivers", "libwifi", "devubi0 s", "n logrecovery", "n database", "usrbiniptables", "iptablesok", "testiptmac", "wddirwdctl", "scanning disk", "test", "kamikaze", "downloadser605", "build", "integer", "valuepair", "uint4", "namelength", "ipaddr", "radiusclientngh", "begindecls", "enddecls", "servermax", "prohibit", "void", "dpidatabaseram", "sigint", "dpiappdatabase", "dpitagdatabase", "gnu libtool", "please do", "linker", "directory", "free software", "foundation", "license", "without any", "warranty", "merchantability", "fitness", "ddnseventmodule", "ddnseventid", "guo dongxian", "april", "tp new", "ui status", "dns error", "dyndns state", "dynamic dns", "june", "common log", "service start", "service stop", "servicepath", "linevalue", "linevalue fi", "angus mackay", "offline", "noipretcodegood", "noipstaterunok0", "ddnsextver eq", "newlineifs", "r n1", "registeredip", "eric paul", "bishop", "leave", "written", "janary", "tp log", "myip", "column", "wildcardno", "mxnochg", "backmxnochg", "add yours", "here", "dpidbpath", "procdpiappstat", "procdpiappblock", "dbenv", "tostring", "tmpdpitmpstat", "tmpdpitmpblock", "plutopeerclient", "plutome", "plutomyclient", "plutopeerid", "tag p", "facprio", "plutomysourceip", "plutomyprotocol", "pluto", "authiplimit", "authiplimitip", "curauthnum", "auth num", "logmoduleportal", "authtypeweb", "authtyperadius", "authtypewifi", "loguserexpired", "authtypeonekey", "authtypeldap", "idlemintimesec", "authtypewechat", "useragent", "wportalradius", "cookie", "android", "varchar", "authressucc", "authsvrconn", "authresmacerr", "authlistconn", "select from", "label", "span", "strong", "zempty", "icons", "select", "striptags", "pcdata", "legend", "fieldset", "textarea", "replace entry", "steven barth", "apache license", "found", "sorry", "internal server", "footer", "indexer", "collectgarbage", "peak", "retval", "main", "vendor", "prodid", "cls02", "sub0e prot00", "modemtmp", "logallport", "searchtty", "alltty", "d dev", "busfile", "clsff", "clse0", "cls0a", "break", "vid pid", "unsuretty", "storage", "reinit usb", "modemliblogawk", "logmodeswitchs", "cls08", "atr03", "count", "driver", "usbport", "logunlockpin", "unlockpin", "puk code", "modem unlock", "loggetisp", "fileispjson", "findcountry", "location", "findisp", "usbmodemdebug1", "portfile", "usbport fi", "cfgfilepath", "tmpcsfilepath", "ubiquiti", "atheros", "powerstation2", "ralink", "subsystem", "powerstation5", "sr4c", "frequency", "jsonprefix", "jsoncur", "jsongetvar cur", "jsonunset", "keys", "jsonvar", "dest", "jsonseq", "cidr static", "routes", "document", "150px 524px", "46px 524px", "195px 524px", "150px 556px", "46px 556px", "195px 556px", "219px 309px", "219px 333px", "90px 36px", "f4f4f4", "f2f2f2", "151px 151px", "f9b61e", "80px 224px", "eaeae8", "f3f3f5", "verdana", "54px 36px", "geneva", "326px 54px", "329px 58px", "532px 85px", "ebebeb", "21px 21px", "chrome", "7px 7px", "219px 111px", "dd4040", "252px 54px", "220px 5px", "access control", "inner", "app dist", "arp scan", "bwlist qq", "location group", "switch ddm", "dns cache", "backup restore", "gre overipsec", "interface mac", "interface mode", "ipgroup address", "ipgroup group", "ipgroup view", "ipsids", "systemroutetbl", "ipv6group group", "l2tp client", "l2tp server", "l2tp tunnel", "ldap profiles", "mac filtering", "nat dmz", "online check", "pptp tunnel", "reserved", "login auth", "class inbound", "status outbound", "session limit", "switchportvlan", "syetem mode", "systemstate cpu", "url filter", "auto backup", "usb storage", "usermngr backup", "server", "port setting", "port pvid", "relation table", "vlan setting", "vpn user", "vpn wireguard", "website filter", "url set", "wizard wan", "advanced", "rngpptr", "array", "biginteger", "birc", "rsa encryption", "arcfour", "pkcs", "xhlhxl", "bits", "explorer", "canvas", "awidth", "aheight", "canvasgradient", "param", "arcscaley", "canvaspattern", "htmlelement", "without", "html5 shiv", "jdalton", "jonneal", "mitgpl2", "freebsdlicense", "examples", "arial", "alignoffset", "xalign", "point", "formatter", "flot plugin", "iola", "ole laursen", "mit license", "x axis", "otherps", "flot", "series", "axis", "angle", "coord", "axismargin", "width", "delta", "infinity", "zero", "shutdown", "trigger", "ftrue", "ystartangle", "lnull", "bnull", "oparsefloat", "m100", "pm100", "ffalse", "sfalse", "jsonobject", "json", "string", "typenumber", "syntaxerror", "typeof e", "regexp", "typeof n", "typeof t", "typeof r", "pseudo", "ariel flesler", "parseint", "scroll", "html", "toff", "borderbwidth", "targ", "round", "0xff", "transformbuffer", "i4offset", "i4joffset", "0xffffffff7", "0xffffffff1", "invalid type", "mapping", "typecheckbox", "valuearray", "vold", "numflag", "percolumnnum", "unselectable", "items", "store", "callback", "field", "xtype", "typefile", "getcontainer", "title", "params", "parentuuid", "keyproperty", "node", "nodes", "uuid", "form", "increase", "decrease", "encrypt", "charlength", "flagup", "flaglow", "trim", "property", "height", "dataname", "widthvalue", "heightvalue", "contentflag", "boxvalue", "abcd", "jkmn", "regchar", "efghi", "argentina", "australia", "classobj", "oneclass", "minvalue", "maxrange", "minrange", "range", "maxvalue", "invalid range", "caps lock", "sepmark", "separator", "azaz09", "len1", "week", "dataweek", "msgcontaienr", "datatimestart", "datatimeend", "timearray", "0 dismissdelay", "editingindex", "editortype", "invalid editor", "dataindex", "dindex", "jndex", "daindex", "totalpage", "currentpage", "minnum", "maxnum", "gap1", "keywordtype", "columns", "temp", "maxkeys", "inhtml", "alert", "case", "currentindex", "item", "nextindex", "previndex", "invalid step", "widget", "fieldlabel", "posx", "container", "inlineblock", "combinekey", "statustemp", "instance", "callbackfail", "callbackerror", "keyarray", "debug", "jlen", "ajax", "nodeid", "controller", "d1dd", "true", "iframe", "09afaf", "mind", "typeof symbol", "window", "math", "object", "typeerror", "reflect", "generator", "epsilon", "reset yui3", "typehidden", "ecf4d3", "opera", "cache manifest", "cache", "128c", "qrcode", "2g2g2q2q0g", "modenumber1", "modealphanum2", "mode8bitbyte4", "helvetica neue", "helvetica", "heiti sc", "hiragino sans", "microsoft yahei", "gradienttype0", "typesearch", "typebutton", "typereset", "typesubmit", "typeradio", "cbit", "cbid", "click", "checkbox", "xhrpollstatus", "xhrpollstatuson", "xmlhttprequest", "activexobject", "close" ], "references": [ "hwnat", "ipcalc.sh", "login.sh", "cli_accountmgnt_cmd.tree", "cli_base_cmd.tree", "cli_cmd.tree", "cli_clock_cmd.tree", "cli_access_cmd.tree", "cli_extra_cmd.tree", "cli_http_cmd.tree", "cli_ipsec_cmd.tree", "cli_nat_cmd.tree", "cli_show_iface_cmd.tree", "cli_ssh_cmd.tree", "cli_routing_cmd.tree", "cli_show_interface_status_cmd.tree", "cli_snmp_cmd.tree", "cli_interface_cmd.tree", "cli_time_range_cmd.tree", "daemons.conf", "daemons", "cli_vlan_cmd.tree", "dhcp6sctlkey", "device_info", "dhcp6s.conf", "diag.sh", "frr.conf", "filesystems", "firewall.user", "hosts", "group", "inittab", "ipsec.conf", "dnsmasq.conf", "ipsec.secrets", "mtab", "logrotate.conf", "nsswitch.conf", "openwrt_release", "openwrt_version", "passwd", "pptpd.conf", "opkg.conf", "profile", "preinit", "protocols", "rc.common", "shells", "services", "shadow", "strongswan.conf", "rc.local", "sysctl.conf", "sysupgrade.conf", "support_bundle_commands.conf", "vtysh.conf", "sys_monitor.conf", "wifidog.conf", "verify_pub.key", "wifidog-msg.html", "usb-mode.json", "02_network", "01_leds", "65_nginx_sync.sh", "00_start_sync.sh", "99_end_sync.sh", "chat-get-qualcomm_2", "chat-get", "chat-get-anydata_2", "chat-get-qualcomm_1", "3g.chat", "chat-gsm-test", "chat-gsm-test-anydata", "chat-get-anydata_1", "chat-gsm-test-qualcomm", "chat-modem-test", "chat-modem-configure", "disconn-script", "evdo.chat", "cloud_service.cfg", "cloud_config.cfg", "2048_newroot.cer", "access_ctl", "administration", "accountmgnt", "arp_scan_range", "auto_backup", "arp_defense", "avahi-daemon", "controller.lock", "cli_server", "controller.conf", "countrygroup", "cmxddns", "custom_dhcp", "customddns", "dhcp6s", "ddns", "dhcp", "dhcp6c", "dhcp_logrotate", "dos_defense", "dpi", "dynddns", "ecs", "ecsIfName", "filter_global", "freePolicy", "dropbear", "flood_defense", "freeStrategy", "gre", "imb", "ifstat-mini", "improxy", "ipsec", "ippool", "ipsec_failover", "dnsproxySecurity", "ipsec_secrets", "ipstat", "iptv", "ipgroup", "l2tp-global", "ipv6group", "l2tp-client", "l2tp-server", "ldap", "led_set", "line_backup", "l2tp-server.reference", "lldpd", "load_balance", "logger", "luci", "locale", "mac_filter", "nat", "firewall", "macgroup", "modem", "mwan3", "omada-tool.conf", "noipddns", "nwadditional", "omada-tool.lock", "network", "online", "openvpn_user", "openvpn", "phddns", "policy_route", "ospf", "pptp-client", "portal_mgmt", "pptp-client-global", "pptp-global", "protocol", "pptp-server-global", "qos_ctl", "radvd", "qos", "reference", "rip", "remote_mngt", "sdnInfo", "pptp-server", "session_limits", "service", "sfe", "sharecfg", "snmpd", "static_route", "splitaccess", "switch", "system_mode", "tddp", "time_mngt", "system_params", "uhttpd", "upnp", "url_filter", "usermngr", "usbshare", "user-secrets", "ucitrack", "vlan", "vnetwork", "vpnlog", "webfilter", "system", "webfilter_global", "websort", "web_security", "wireguard_interface", "wireguard_peers", "wportal", "zone", "user-secrets.reference", "dropbear_rsa_host_key", "serial", "index.txt", "openssl.cnf", "vars", "openssl-1.0.0.cnf", "connect-directip.gcom", "command.gcom", "baseinfo.gcom", "cellinfo.gcom", "connect-ncm.gcom", "getcarrier.gcom", "directip.gcom", "getcardinfo.gcom", "connect-ppp.gcom", "directip-stop.gcom", "getimsi.gcom", "getimsi_b.gcom", "getpinstatus.gcom", "getstrength.gcom", "huaweiinfo.gcom", "getcnum.gcom", "modem-gsm-test-anydata.gcom", "getregistestate.gcom", "lock-prov.gcom", "modem-gsm-test-qualcomm.gcom", "ncm.json", "run-at.gcom", "reset.gcom", "modem-configure.gcom", "sendsms-at.gcom", "setapn.gcom", "setmode.gcom", "zteinfo.gcom", "setpin.gcom", "sierrainfo.gcom", "runcommand.gcom", "smschk.gcom", "11-led", "10-firewall.sh", "22-access_ctl.sh", "25-pppox.sh", "22-imb.sh", "21-nat.sh", "40-qos.sh", "70-policy_route.sh", "26-openvpn.sh", "70-switch.sh", "89-remote_mngt.sh", "95-online.sh", "96-customddns.sh", "96-cmxddns.sh", "96-dynddns.sh", "96-noipddns.sh", "96-phddns.sh", "97-line_backup.sh", "97-route.sh", "98-ipsec.sh", "98-iptv.sh", "99-wan_hook.sh", "97-load_balance.sh", "97-upnp.sh", "12-netbios-passthrough", "10-pppox-if-up-down.sh", "30-policy_route.sh", "22-access_ctl", "29-static_route", "20-firewall", "02-split_access", "80-balance.sh", "40-qos", "00-vpn_hook.sh", "97-mwan3.sh", "99-vpn_hook.sh", "00-vnet_client.sh", "00-ecsIfChange", "1-vnet_lanhook.sh", "1-vnet_lanv6hook.sh", "05-vnet-lanv6", "20-upnp", "18-dnsproxyvnet.sh", "22-imb", "00-vnet.sh", "22-qos-tplink", "50-improxy", "40-remote_mngt", "60-dhcpsvnet.sh", "65-wifidog.sh", "92-pppox-vpn.sh", "99-mdns.sh", "90-portal_mgmt", "02-usb-auto-scan", "10-motion", "01-usb-led", "15-usb_mode", "30-3g", "20-firewall.sh", "10-pppox-response-nat.sh", "10-metric.sh", "50-l2tp-up-down.sh", "50-qos_ctl", "1-lanhook.sh", "1-lanv6hook.sh", "00-netstate", "01-zone", "03-vlan", "05-lanv6", "04-ipv6", "02-vnet.sh", "06-wan_log", "10-sysctl", "18-ipgroup", "15-online.sh", "18-ipv6group", "22-dos_defense", "25-ddns", "26-freeStrategy", "50-l2tp-lowerif-up-down.sh", "65-iptv", "70-pptp-ifdown.sh", "72-wan_ip_alias", "85-ntp", "92-dynamic_route", "90-vpn", "91-gre.sh", "99-hotplug_done", "99-vnet.sh", "99-z3g4g-connect", "60-dnsmasq", "10-rt2x00-eeprom", "30-v6plus", "60-pptp-reload-rules.sh", "10-l2tp-pptp.sh", "50-access_ctl.sh", "18-dnsproxy.sh", "40-imb.sh", "60-dnsmasq.sh", "46-nat.sh", "60-mac_filter.sh", "99-load_balance.sh", "97-qos.sh", "99-nginx.sh", "00-configlink.sh", "10-mount", "10-policy_route.sh", "70-backup", "15-mwan3", "40-load_balance", "backup", "bootcount", "boot", "default_balance", "done", "dnsproxy", "dnsmasq", "dynamic_route", "drop_caches", "cron", "fstab", "geoip", "gre_init", "enablemodem", "ipv6", "led", "l2tp", "led_early", "loggerd", "monitor", "netbios_passthrough", "ndppd", "nginx", "pppox", "pptpd", "queueventd", "qos-tplink", "rsa_check", "smp", "spi_device_id", "sys_monitor", "sysntpd", "tddpd", "sysctl", "tmngtd", "umount", "time_setting", "usbmodem", "usbmuxd", "vnet", "wifidog", "wireguard", "zbalance_loop_reset", "xl2tpd", "zero_boot_done", "zombie_monitor", "zzomada_server", "zzzzzsys_info", "zzzcloud_proc", "telnet", "zzddns", "rt_tables", "location.json", "0ace:20ff", "0ace:2011", "0af0:7a01", "0af0:7a05", "0af0:4007", "0af0:6711", "0af0:6731", "0af0:6751", "0af0:6771", "0af0:6791", "0af0:6811", "0af0:6911", "0af0:6951", "0af0:6971", "0af0:7011", "0af0:7031", "0af0:7051", "0af0:7071", "0af0:7111", "0af0:7211", "0af0:7251", "0af0:7271", "0af0:7301", "0af0:7311", "0af0:7361", "0af0:7381", "0af0:7401", "0af0:7501", "0af0:7601", "0af0:7701", "0af0:7706", "0af0:7801", "0af0:7901", "0af0:8006", "0af0:8200", "0af0:8201", "0af0:8300", "0af0:8302", "0af0:8304", "0af0:8400", "0af0:8600", "0af0:8700", "0af0:8800", "0af0:8900", "0af0:9000", "0af0:9200", "0af0:c031", "0af0:c100", "0af0:d001", "0af0:d013", "0af0:d031", "0af0:d033", "0af0:d035", "0af0:d055", "0af0:d057", "0af0:d058", "0af0:d155", "0af0:d157", "0af0:d255", "0af0:d257", "0af0:d357", "0b3c:c700", "0b3c:f000", "0b3c:f00c", "0b3c:f017", "0bdb:190d", "0bdb:1910", "0cf3:20ff", "0d46:45a1", "0d46:45a5", "0df7:0800", "0e8d:0002:uPr=MT", "0e8d:0002:uPr=Product", "0e8d:7109", "0fca:8020", "0fce:d0cf", "0fce:d0df", "0fce:d0e1", "0fce:d103", "0fd1:1000", "1a8d:1000", "1a8d:2000", "1ab7:5700", "1b7d:0700", "1bbb:00ca", "1bbb:000f", "1bbb:011f", "1bbb:022c", "1bbb:f000", "1bbb:f017", "1bbb:f052", "1c9e:9d00", "1c9e:9e00", "1c9e:9e08", "1c9e:98ff", "1c9e:1001", "1c9e:6000", "1c9e:6061:uPr=Storage", "1c9e:9101", "1c9e:9200", "1c9e:9401", "1c9e:9800", "1c9e:f000", "1c9e:f000:uMa=USB_Modem", "1d09:1000", "1d09:1021", "1d09:1025", "1da5:f000", "1dbc:0669", "1dd6:1000", "1de1:1101", "1e0e:f000", "1e89:f000", "1edf:6003", "1ee8:0003", "1ee8:004a", "1ee8:004f", "1ee8:0009", "1ee8:0013", "1ee8:0018", "1ee8:0040", "1ee8:0045", "1ee8:0054", "1ee8:0060", "1ee8:0063", "1ee8:0068", "1f28:0021", "1fac:0032", "1fac:0130", "1fac:0150", "1fac:0151", "03f0:002a", "04bb:bccd", "04cc:225c", "04cc:226e", "04cc:226f", "04cc:2251", "04e8:680c", "04e8:689a", "04e8:f000:sMo=U209", "04fc:2140", "05c6:0010", "05c6:1000:sVe=GT", "05c6:1000:sVe=Option", "05c6:1000:uMa=AnyDATA", "05c6:1000:uMa=CELOT", "05c6:1000:uMa=Co.,Ltd", "05c6:1000:uMa=DGT", "05c6:1000:uMa=Option", "05c6:1000:uMa=SAMSUNG", "05c6:1000:uMa=SSE", "05c6:1000:uMa=StrongRising", "05c6:1000:uMa=Vertex", "05c6:2000", "05c6:2001", "05c6:6503", "05c6:9024", "05c6:f000", "05c7:1000", "07d1:a800", "07d1:a804", "10a9:606f", "10a9:6080", "12d1:1c0b", "12d1:1c1b", "12d1:1c24", "12d1:1d50", "12d1:1da1", "12d1:1f01", "12d1:1f1b", "12d1:1f1c", "12d1:1f1d", "12d1:1f1e", "12d1:1f02", "12d1:1f03", "12d1:1f07", "12d1:1f09", "12d1:1f11", "12d1:1f15", "12d1:1f16", "12d1:1f17", "12d1:1f18", "12d1:1f19", "12d1:14ad", "12d1:14b5", "12d1:14b7", "12d1:14ba", "12d1:14c1", "12d1:14c3", "12d1:14c4", "12d1:14c5", "12d1:14d1", "12d1:14fe", "12d1:15ca", "12d1:15cd", "12d1:15cf", "12d1:15e7", "12d1:101e", "12d1:151a", "12d1:155a", "12d1:155b", "12d1:156a", "12d1:157c", "12d1:157d", "12d1:380b", "12d1:1001", "12d1:1003", "12d1:1009", "12d1:1010", "12d1:1030", "12d1:1031", "12d1:1413", "12d1:1414", "12d1:1446", "12d1:1449", "12d1:1505", "12d1:1520", "12d1:1521", "12d1:1523", "12d1:1526", "12d1:1553", "12d1:1557", "12d1:1582", "12d1:1583", "12d1:1805", "15eb:7153", "16d8:6803", "16d8:6281", "16d8:700b", "12d1:#android", "12d1:#linux", "16d8:6804", "16d8:700a", "16d8:f000", "19d2:0003", "19d2:0026", "19d2:0040", "19d2:0053", "19d2:0083:uPr=WCDMA", "19d2:0101", "19d2:0103", "19d2:0110", "19d2:0115", "19d2:0120", "19d2:0146", "19d2:0149", "19d2:0150", "19d2:0154", "19d2:0166", "19d2:0169", "19d2:0266", "19d2:0304", "19d2:0318", "19d2:0325", "19d2:0388", "19d2:0413", "19d2:1001", "19d2:1007", "19d2:1009", "19d2:1013", "19d2:1017", "19d2:1030", "19d2:1038", "19d2:1171", "19d2:1175", "19d2:1179", "19d2:1201", "19d2:1207", "19d2:1210", "19d2:1216", "19d2:1219", "19d2:1224", "19d2:1225", "19d2:1227", "19d2:1232", "19d2:1233", "19d2:1237", "19d2:1238", "19d2:1420", "19d2:1511", "19d2:1514", "19d2:1517", "19d2:1520", "19d2:1523", "19d2:1528", "19d2:1536", "19d2:1542", "19d2:1588", "19d2:2000", "19d2:2004", "19d2:bccd", "19d2:ffde", "19d2:ffe6", "19d2:fff5", "19d2:fff6", "19d2:#linux", "20a6:f00e", "20b9:1682", "21f5:1000", "21f5:3010", "22de:6801", "22de:6803", "22f4:0021", "23a2:1010", "057c:62ff", "057c:84ff", "072f:100d", "106c:3b03", "106c:3b05", "106c:3b06", "106c:3b11", "106c:3b14", "109b:f009", "148e:a000", "148f:2578", "198a:0003", "198f:bccd", "201e:1023", "201e:2009", "230d:000b", "230d:000d", "230d:0001", "230d:0003", "230d:0007", "230d:0101", "230d:0103", "257a:a000", "257a:b000", "257a:c000", "257a:d000", "0408:1000", "0408:ea17", "0408:ea25", "0408:ea43", "0408:f000", "0408:f001", "0421:060c", "0421:061d", "0421:062c", "0421:0610", "0421:0618", "0421:0622", "0421:0627", "0421:0632", "0421:0637", "0471:1210:uMa=Philips", "0471:1210:uMa=Wisue", "0471:1237", "0482:024d", "0685:2000", "0922:1001", "0922:1003", "0930:0d46", "1004:61aa", "1004:61dd", "1004:61e7", "1004:61eb", "1004:607f", "1004:613a", "1004:613f", "1004:614e", "1004:1000", "1004:6156", "1004:6190", "1004:6327", "1033:0035", "1076:7f40", "1199:0fff", "1266:1000", "1307:1169", "1410:5010", "1410:5020", "1410:5023", "1410:5030", "1410:5031", "1410:5041", "1410:5055", "1410:5059", "1410:7001", "1614:0800", "1614:0802", "1726:f00e", "1782:0003", "2001:00a6", "2001:98ff", "2001:a80b", "2001:a401", "2001:a403", "2001:a405", "2001:a706", "2001:a707", "2001:a708", "2001:a805", "2020:0002", "2020:f00e", "2020:f00f", "2077:1000", "2077:f000", "2262:0001", "2357:0200", "2357:f000", "8888:6500", "ed09:1021", "20-usb-core", "25-nls-cp437", "05-liblogger", "20-fs-exportfs", "25-nls-cp864", "25-nls-cp775", "25-nls-cp866", "15-mii", "25-nls-cp932", "25-nls-cp852", "25-nls-cp1250", "25-nls-cp850", "25-nls-cp1251", "25-nls-iso8859-1", "25-nls-iso8859-2", "25-nls-cp862", "25-nls-iso8859-6", "25-nls-iso8859-8", "25-nls-iso8859-13", "25-nls-iso8859-15", "25-nls-koi8r", "25-nls-utf8", "29-fs-fscache", "30-atm", "30-fs-autofs4", "30-fs-btrfs", "30-fs-cifs", "30-fs-configfs", "30-fs-cramfs", "30-fs-ext4", "30-fs-hfs", "30-fs-hfsplus", "30-fs-isofs", "30-fs-jfs", "30-fs-minix", "30-fs-nfs-common", "30-fs-ntfs", "30-fs-reiserfs", "30-fs-udf", "30-fs-vfat", "30-fs-xfs", "30-gpio-button-hotplug", "30-ipsec", "30-tun", "30-veth", "31-iptunnel", "31-iptunnel4", "31-iptunnel6", "32-ip6-tunnel", "32-ipsec4", "32-ipsec6", "32-l2tp", "32-sit", "39-gre", "40-bonding", "40-fs-msdos", "40-fs-nfs", "40-fs-nfsd", "40-pppoa", "40-scsi-core", "40-usb2", "42-ip6tables", "42-usb2-pci", "49-ipt-ipset-tplink", "50-usb-ohci", "50-usb-uhci", "54-usb3", "65-scsi-generic", "80-fuse", "89-portal", "90-urlset", "90-xt_CTSTATEMARK", "90-xt_dosdrop", "90-xt_doslogonly", "90-xt_ipsecmark", "90-xt_multinetdev", "90-xt_qoslimit", "90-xt_tplimit", "90-xt_vlan", "91-authlimit", "91-xt_authlimit", "98-ipt_url_dns_match", "98-ipt_urlset_match", "98-ipt_web_dns_match", "98-ipt_webfilter_match", "98-ipt_websec_match", "98-load_balance", "99-balance_route", "99-ipt_tpconnlimit", "99-ipt_TRIGGER", "99-ipt_urlset_target", "99-xt_l2tp", "crypto-hw-eip93", "fs-exfat", "ipt-account", "ipt-compat-xtables", "ipt-conntrack", "ipt-conntrack-extra", "ipt-core", "ipt-extra", "ipt-filter", "ipt-geoip", "ipt-ipopt", "ipt-iprange", "ipt-ipsec", "ipt-ipv4options", "ipt-nat", "ipt-nat-extra", "ipt-nathelper", "ipt-nathelper-extra", "ipt-nfqueue", "ipt-tproxy", "lib-crc-ccitt", "lib-textsearch", "mmc", "mppe", "nf-conntrack-netlink", "nfnetlink", "nfnetlink-queue", "ppp", "pppoe", "pppol2tp", "pptp", "sdhci-mt7621", "usb-acm", "usb-net", "usb-net-asix", "usb-net-cdc-ether", "usb-net-cdc-mbim", "usb-net-cdc-ncm", "usb-net-huawei-cdc-ncm", "usb-net-ipheth", "usb-net-qmi-wwan", "usb-net-rndis", "usb-printer", "usb-serial", "usb-serial-option", "usb-serial-wwan", "usb-storage", "usb-storage-extras", "usb-wdm", "cleanTMP.sh", "fastcgi_params", "koi-win", "nginx.conf", "mime.types", "win-utf", "koi-utf", "ldap.conf", "crt.sed", "client.crt", "client.key", "dictionary.asnet", "servers", "dictionary.microsoft", "dictionary", "options.default", "options.l2tp", "filter", "chap-secrets", "options.pptp", "options.pptpd", "options.xl2tpd", "radius.conf", "dictionary.merit", "dictionary.sip", "issue", "dictionary.compat", "port-id-map", "radiusclient.conf", "dictionary.ascend", "failsafe", "power", "reset", "rfkill", "K10improxy", "K10openvpn", "K10portal_mgmt", "K25zone", "K50dropbear", "K71hwnat", "K90ipv6", "K91network", "K91geoip", "K99umount", "K98boot", "S00zombie_monitor", "K26pppox", "S01spi_device_id", "S01led_early", "S10boot", "S15loggerd", "S19vnet", "S10system", "S20network", "S21tddpd", "S20geoip", "S25sysctl", "S26time_setting", "S25zone", "S22rsa_check", "S42ipgroup", "S31tmngtd", "S40fstab", "S42ipv6group", "S45firewall", "S42macgroup", "S46iptv", "S42service", "S46nat", "S46netbios_passthrough", "S47access_ctl", "S47administration", "S47dos_defense", "S42ippool", "S47flood_defense", "S47imb", "S47mac_filter", "S50cron", "S50dropbear", "S50pppox", "S50qos-tplink", "S50queueventd", "S50radvd", "S50snmpd", "S50uhttpd", "S60dnsmasq", "S60monitor", "S60pptpd", "S60url_filter", "S60xl2tpd", "S65wifidog", "S68online", "S70freeStrategy", "S70usbshare", "S71hwnat", "S72sfe", "S80usbmuxd", "S80websort", "S83web_security", "S85webfilter", "S89remote_mngt", "S90ndppd", "S90openvpn", "S90portal_mgmt", "S91wireguard", "S92qos_ctl", "S95done", "S95ifstat-mini", "S95ipstat", "S95l2tp", "S95mwan3", "S96backup", "S96cmxddns", "S96default_balance", "S96load_balance", "S96policy_route", "S96static_route", "S96sysntpd", "S96upnp", "S97gre_init", "S97ipsec", "S97session_limits", "S98ipsec_failover", "S98led", "S99avahi-daemon", "S99bootcount", "S99dnsproxy", "S99dpi", "S99drop_caches", "S99dynamic_route", "S99enablemodem", "S99improxy", "S99ipv6", "S99led_set", "S99lldpd", "S99phddns", "S99smp", "S99switch", "S99sys_monitor", "S99system_params", "S99usbmodem", "S99zbalance_loop_reset", "S99zero_boot_done", "S99zzddns", "S99zzomada_server", "S99zzzcloud_proc", "S99zzzzzsys_info", "0a775a30.0", "0b1b94ef.0", "0bf05006.0", "0f5dc4f3.0", "0f6fa695.0", "1d3472b9.0", "1e08bfd1.0", "1e09d511.0", "2ae6433e.0", "2b349938.0", "002c0b4f.0", "3bde41ac.0", "3e44d2f7.0", "3e45d192.0", "3fb36b73.0", "4a6481c9.0", "4b718d9b.0", "4bfab552.0", "4f316efb.0", "5ad8a5d6.0", "5cd81ad7.0", "5d3033c5.0", "5e98733a.0", "5f15c80c.0", "5f618aec.0", "6b99d060.0", "6d41d539.0", "06dc52d5.0", "6fa5da56.0", "7aaf71c0.0", "7f3d5d1d.0", "8cb5ee0f.0", "8d86cdd1.0", "8d89cda1.0", "9b5697b0.0", "9c8dfbd4.0", "9d04f354.0", "14bc7599.0", "48bec511.0", "57bcb2da.0", "062cdee6.0", "064e0aa9.0", "68dd7389.0", "75d1b2ed.0", "76cb8f92.0", "76faf6c0.0", "93bc0acc.0", "106f3e4d.0", "244b5494.0", "349f2832.0", "406c9bb1.0", "626dceaf.0", "653b494a.0", "706f604c.0", "749e9e03.0", "773e07ad.0", "930ac5d2.0", "988a38cb.0", "1001acf7.0", "2923b3f9.0", "03179a64.0", "4042bcee.0", "4304c5e5.0", "5273a94c.0", "5443e9e3.0", "7719f463.0", "8160b96c.0", "9482e63a.0", "18856ac4.0", "32888f65.0", "40547a79.0", "607986c7.0", "1636090b.0", "02265526.0", "3513523f.0", "09789157.0", "40193066.0", "54657681.0", "a94d09e5.0", "a3418fda.0", "ACCVRAIZ1.crt", "AC_RAIZ_FNMT-RCM.crt", "AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.crt", "Actalis_Authentication_Root_CA.crt", "aee5f10d.0", "AffirmTrust_Commercial.crt", "AffirmTrust_Networking.crt", "AffirmTrust_Premium.crt", "AffirmTrust_Premium_ECC.crt", "Amazon_Root_CA_1.crt", "Amazon_Root_CA_2.crt", "Amazon_Root_CA_3.crt", "Amazon_Root_CA_4.crt", "ANF_Secure_Server_Root_CA.crt", "Atos_TrustedRoot_2011.crt", "Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt", "b0e59380.0", "b7a5b843.0", "b81b93f0.0", "b1159c4c.0", "b66938e9.0", "b433981b.0", "b727005e.0", "Baltimore_CyberTrust_Root.crt", "bf53fb88.0", "Buypass_Class_2_Root_CA.crt", "Buypass_Class_3_Root_CA.crt", "c01eb047.0", "c28a8a30.0", "ca6e4ad9.0", "ca-certificates.crt", "CA_Disig_Root_R2.crt", "cbf06781.0", "cc450945.0", "cd8c0d63.0", "cd58d51e.0", "ce5e74ef.0", "Certigna.crt", "Certigna_Root_CA.crt", "certSIGN_ROOT_CA.crt", "certSIGN_Root_CA_G2.crt", "Certum_EC-384_CA.crt", "Certum_Trusted_Network_CA.crt", "Certum_Trusted_Network_CA_2.crt", "Certum_Trusted_Root_CA.crt", "CFCA_EV_ROOT.crt", "Comodo_AAA_Services_root.crt", "COMODO_Certification_Authority.crt", "COMODO_ECC_Certification_Authority.crt", "COMODO_RSA_Certification_Authority.crt", "Cybertrust_Global_Root.crt", "d4dae3dd.0", "d7e8dc79.0", "d887a5bb.0", "d6325660.0", "dc4d6a89.0", "dd8e9d41.0", "de6d66f3.0", "DigiCert_Assured_ID_Root_CA.crt", "DigiCert_Assured_ID_Root_G2.crt", "DigiCert_Assured_ID_Root_G3.crt", "DigiCert_Global_Root_CA.crt", "DigiCert_Global_Root_G2.crt", "DigiCert_Global_Root_G3.crt", "DigiCert_High_Assurance_EV_Root_CA.crt", "DigiCert_Trusted_Root_G4.crt", "D-TRUST_Root_Class_3_CA_2_2009.crt", "D-TRUST_Root_Class_3_CA_2_EV_2009.crt", "e8de2f56.0", "e18bfb83.0", "e36a6752.0", "e73d606e.0", "e113c810.0", "e868b802.0", "e35234b1.0", "EC-ACC.crt", "ee64a828.0", "eed8c118.0", "ef954a4e.0", "emSign_ECC_Root_CA_-_C3.crt", "emSign_ECC_Root_CA_-_G3.crt", "emSign_Root_CA_-_C1.crt", "emSign_Root_CA_-_G1.crt", "Entrust.net_Premium_2048_Secure_Server_CA.crt", "Entrust_Root_Certification_Authority.crt", "Entrust_Root_Certification_Authority_-_EC1.crt", "Entrust_Root_Certification_Authority_-_G2.crt", "Entrust_Root_Certification_Authority_-_G4.crt", "ePKI_Root_Certification_Authority.crt", "e-Szigno_Root_CA_2017.crt", "E-Tugra_Certification_Authority.crt", "f0c70a8d.0", "f30dd6ad.0", "f39fc864.0", "f51bb24c.0", "f249de83.0", "f3377b1b.0", "f081611a.0", "f387163d.0", "fa5da96b.0", "fc5a8f99.0", "fe8a2cd8.0", "feffd413.0", "ff34af3f.0", "GDCA_TrustAUTH_R5_ROOT.crt", "GlobalSign_ECC_Root_CA_-_R4.crt", "GlobalSign_ECC_Root_CA_-_R5.crt", "GlobalSign_Root_CA.crt", "GlobalSign_Root_CA_-_R2.crt", "GlobalSign_Root_CA_-_R3.crt", "GlobalSign_Root_CA_-_R6.crt", "GlobalSign_Root_E46.crt", "GlobalSign_Root_R46.crt", "GLOBALTRUST_2020.crt", "Go_Daddy_Class_2_CA.crt", "Go_Daddy_Root_Certificate_Authority_-_G2.crt", "GTS_Root_R1.crt", "GTS_Root_R2.crt", "GTS_Root_R3.crt", "GTS_Root_R4.crt", "Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt", "Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt", "Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt", "Hongkong_Post_Root_CA_1.crt", "Hongkong_Post_Root_CA_3.crt", "IdenTrust_Commercial_Root_CA_1.crt", "IdenTrust_Public_Sector_Root_CA_1.crt", "ISRG_Root_X1.crt", "Izenpe.com.crt", "Microsec_e-Szigno_Root_CA_2009.crt", "Microsoft_ECC_Root_Certificate_Authority_2017.crt", "Microsoft_RSA_Root_Certificate_Authority_2017.crt", "NAVER_Global_Root_Certification_Authority.crt", "NetLock_Arany_=Class_Gold=_F?tan\u00fas\u00edtv\u00e1ny.crt", "Network_Solutions_Certificate_Authority.crt", "OISTE_WISeKey_Global_Root_GB_CA.crt", "OISTE_WISeKey_Global_Root_GC_CA.crt", "QuoVadis_Root_CA_1_G3.crt", "QuoVadis_Root_CA_2.crt", "QuoVadis_Root_CA_2_G3.crt", "QuoVadis_Root_CA_3.crt", "QuoVadis_Root_CA_3_G3.crt", "Secure_Global_CA.crt", "SecureSign_RootCA11.crt", "SecureTrust_CA.crt", "Security_Communication_Root_CA.crt", "Security_Communication_RootCA2.crt", "SSL.com_EV_Root_Certification_Authority_ECC.crt", "SSL.com_EV_Root_Certification_Authority_RSA_R2.crt", "SSL.com_Root_Certification_Authority_ECC.crt", "SSL.com_Root_Certification_Authority_RSA.crt", "Staat_der_Nederlanden_EV_Root_CA.crt", "Starfield_Class_2_CA.crt", "Starfield_Root_Certificate_Authority_-_G2.crt", "Starfield_Services_Root_Certificate_Authority_-_G2.crt", "SwissSign_Gold_CA_-_G2.crt", "SwissSign_Silver_CA_-_G2.crt", "SZAFIR_ROOT_CA2.crt", "TeliaSonera_Root_CA_v1.crt", "TrustCor_ECA-1.crt", "TrustCor_RootCert_CA-1.crt", "TrustCor_RootCert_CA-2.crt", "Trustwave_Global_Certification_Authority.crt", "Trustwave_Global_ECC_P256_Certification_Authority.crt", "Trustwave_Global_ECC_P384_Certification_Authority.crt", "T-TeleSec_GlobalRoot_Class_2.crt", "T-TeleSec_GlobalRoot_Class_3.crt", "TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.crt", "TWCA_Global_Root_CA.crt", "TWCA_Root_Certification_Authority.crt", "UCA_Extended_Validation_Root.crt", "UCA_Global_G2_Root.crt", "USERTrust_ECC_Certification_Authority.crt", "USERTrust_RSA_Certification_Authority.crt", "XRamp_Global_CA_Root.crt", "cert.pem", "dnskey.conf", "connmark.conf", "des.conf", "aes.conf", "kernel-netlink.conf", "constraints.conf", "md5.conf", "attr.conf", "nonce.conf", "gmp.conf", "openssl.conf", "fips-prf.conf", "pem.conf", "hmac.conf", "pgp.conf", "pkcs1.conf", "pkcs7.conf", "pkcs12.conf", "pubkey.conf", "random.conf", "rc2.conf", "resolve.conf", "revocation.conf", "sha1.conf", "sha2.conf", "socket-default.conf", "sshkey.conf", "stroke.conf", "updown.conf", "x509.conf", "xauth-generic.conf", "xcbc.conf", "pki.conf", "scepclient.conf", "starter.conf", "charon-logging.conf", "charon.conf", "priv-key.pem", "server-cert.pem", "access_control", "00_uhttpd_ubus", "10-fstab", "10_migrate-shadow", "11_migrate-sysctl", "09_fix-seama-header", "12_network-generate-ula", "root.key", "unbound.conf.back", "named.cache", "12d1_0004", "12d1_0003", "12d1_0005", "12d1_0001", "19d2_0001", "19d2_0002", "19d2_0003", "19d2_0004", "ffff_0001", "12d1_0002", "ffff_0002", "ffff_0003", "xl2tpd.conf", "xl2tp-secrets", "acl_timeobj.lua", "acl_timeobj_v6.lua", "acl_wanhook.lua", "access_func_v6.sh", "attach_timeobj.lua", "core.sh", "access_func.sh", "interface.sh", "acl_delete_rule.lua", "core_log.sh", "markdef.sh", "time.sh", "core_acl.sh", "config.sh", "core_global.sh", "arp.sh", "gettime.sh", "cmd.sh", "backup.sh", "ecmp.sh", "api.sh", "ecmp.lua", "dynanmic_arpreq.sh", "getVid.sh", "access_time_help.lua", "access_dir_help.lua", "accountmgnt.lua", "access_ip_help.lua", "access.lua", "clock.lua", "http.lua", "interface.lua", "dhcp.lua", "ipsec.lua", "monitor_port.lua", "nat.lua", "show_if_help.lua", "routing.lua", "cli_ospf.lua", "show_interface.lua", "rip.lua", "show_interface_status.lua", "snmp.lua", "ssh.lua", "time_range.lua", "vlan.lua", "lan.js", "uci.sh", "arping.sh", "get_option.lua", "dhcps.sh", "main.sh", "dnssecquery.sh", "core_forwarding.sh", "core_init.sh", "core_interface.sh", "core_redirect.sh", "core_rule.sh", "core_tpfirewall.sh", "uci_firewall.sh", "fw.sh", "tpcmd.sh", "freeStrategy_backup.sh", "add_delete_tuple.sh", "add_delete.sh", "getip.sh", "preinit.sh", "leds.sh", "network.sh", "service.sh", "switch_port.sh", "procd.sh", "userconfig.sh", "uci-defaults.sh", "system.sh", "functions.sh", "gre_common.sh", "gre-ipsec-up-down.sh", "delete_restart.sh", "core_ipgroup.sh", "ipsec_check_domain_wrap.sh", "ipsec_failover_process.sh", "ipsec_handle_iptables.sh", "ipsec_check_domain.sh", "ipsec_generate_domain.sh", "ipsec_execute_stroke.sh", "ipsec_monitor_tunnel.sh", "ipsec_vnet.sh", "pd_api.sh", "lanv6_server.sh", "pd_server.sh", "core_ipv6group.sh", "get-vpn-gw.sh", "ifup-l2tp.sh", "ifdown-l2tp.sh", "l2tp-get-tunnel-info.sh", "get-vpn-ip.sh", "l2tp-init.sh", "l2tp-ipsec-delete.lua", "l2tp-ipsec-setstatus.lua", "l2tp-doipsec.sh", "l2tp-ipsec-up-down.sh", "l2tp-functions.sh", "l2tp-reload.sh", "char_conv.sh", "api_VPN.sh", "ldap_check_result.sh", "ldap_query.sh", "pre_setting_config.sh", "net_share.sh", "ramips.sh", "lldp_get_wan_device.sh", "50-xt_flood", "50-arp_garp", "get_rps.sh", "get_temperature.sh", "set_fan.sh", "nat_alg.sh", "nat_config.sh", "nat_dmz.sh", "nat_common.sh", "nat_pt.sh", "nat_dmz_bypass.sh", "nat_vs.sh", "nat_core.sh", "nat_log.sh", "nat_one.sh", "nat_napt.sh", "6rd.sh", "dhcp.sh", "directip.sh", "3g.sh", "ncm.sh", "dhcp6c.sh", "6to4.sh", "ppp.sh", "l2tp.sh", "pppv6.sh", "dslite.sh", "qmi.sh", "v6plus.sh", "lanv6.sh", "passthrough.sh", "dhcp.script", "netifd-wireless.sh", "netifd-proto.sh", "if-do-timeobj.sh", "ppp-down", "ppp-up", "pppv6-share", "dslite-up.sh", "pppv6-up", "dhcp6c.script", "utils.sh", "v6plus-dial.sh", "ppp-dhcp6c.script", "switch.sh", "network_arch.sh", "online_api.sh", "online_reload.lua", "openvpn-client-disconnect.sh", "openvpn-client-routeup.sh", "openvpn-client-connect.sh", "openvpn-client-down.sh", "openvpn-server-up.sh", "openvpn-client-up.sh", "openvpn-common.sh", "openvpn-instance.sh", "openvpn-password.lua", "openvpn-server-down.sh", "pppox-default-variables.sh", "pppox-header.sh", "kill-pptpd-xl2tpd.sh", "pppox-reload-user.lua", "pppox-functions.sh", "pppox-reload-user.sh", "pppox-begin-reload-user.sh", "pppox-remote-management.sh", "pppox-load-user.lua", "pppox-pppoetimer.sh", "pppox-remote-management-get-ippool.lua", "pppox-wheader.sh", "pppox-killtunnel.sh", "ifup_down.sh", "add-service.sh", "enable_service.sh", "pptp-get-tuunel-info.sh", "delete-service.sh", "pptp-global-setting.sh", "pptp-client-add.sh", "pptp-ifdevice-info.sh", "pptp-client-update.sh", "pptp-option.sh", "pptp-startup.sh", "pptp-tunnel-action.sh", "test.sh", "pptp-client-delete.sh", "05_set_iface_mac_mediatek", "02_default_set_state", "07_set_preinit_iface_ramips", "40_run_failsafe_hook", "04_handle_checksumming", "50_indicate_regular_preinit", "10_indicate_failsafe", "70_initramfs_test", "03_preinit_do_ramips.sh", "80_mount_root", "98_10_mtk_failsafe_init", "30_failsafe_wait", "99_10_failsafe_login", "99_10_run_init", "10_indicate_preinit", "qos_config_sync.lua", "qos_nf.sh", "qos_api.sh", "qos_cid.sh", "qos_dpdk.sh", "qos_grpmark.sh", "find_index.lua", "qos_ifgroup.sh", "qos_core.sh", "qos_ipset.sh", "qos_mark.sh", "qos_polling.sh", "qos_public.sh", "qos_state.sh", "qos_tc.sh", "state_gen.lua", "zone-450", "qos_delete_rule.lua", "remote_mngt.sh", "route_api.sh", "core_service.sh", "session_limits.sh", "ar8327_switch_led", "ar8327_switch_portMirror", "ar8327_switch_init", "ar8327_switch_portStatistic", "ar8327_register", "ar8327_switch_portVlan", "ar8327_switch_portPara", "ar9533_register", "ar8327_switch_portState", "ar9533_switch_init", "ar8327_switch_portRateControl", "ar9533_switch_portMirror", "ar9533_switch_portPara", "ar9533_switch_portRateControl", "ar8327_switch_8021Qvlan", "ar9533_switch_portState", "ar9533_switch_portStatistic", "ar9533_switch_portVlan", "cn9130_register", "cn9130_switch_globalLed", "cn9130_switch_init", "cn9130_switch_portMirror", "cn9130_switch_portPara", "cn9130_switch_portRateControl", "cn9130_switch_portState", "cn9130_switch_portStatistic", "cn9130_switch_portVlan", "mt7621_register", "mt7621_switch_globalLed", "mt7621_switch_led", "mt7621_switch_portMirror", "mt7621_switch_portPara", "mt7621_switch_portRateControl", "mt7621_switch_portState", "mt7621_switch_portStatistic", "mt7621_switch_portVlan", "mt7628_register", "mt7628_switch_init", "mt7628_switch_led", "mt7628_switch_portMirror", "mt7628_switch_portPara", "mt7628_switch_portRateControl", "mt7628_switch_portState", "mt7628_switch_portStatistic", "mt7628_switch_portVlan", "rtl8367s_register", "rtl8367s_switch_globalLed", "rtl8367s_switch_init", "rtl8367s_switch_portMirror", "rtl8367s_switch_portPara", "rtl8367s_switch_portRateControl", "rtl8367s_switch_portState", "rtl8367s_switch_portStatistic", "rtl8367s_switch_portVlan", "switch_functions", "vlan_network", "sysparams_net.sh", "timeobj_cron_api.sh", "timeobj_api.sh", "boot_done", "led.sh", "set_time", "base-files-essential", "libopenldap", "base-files", "online_check", "mwan3-tplink", "openvpn-easy-rsa", "openvpn-mgmt", "portal-mgmt", "ppp-mod-radius", "snmpd-static", "https-dns-proxy", "luci-add-conffiles.sh", "platform.sh", "ubnt.sh", "nand.sh", "common.sh", "upnp_api.sh", "find_target.lua", "url_func.sh", "detach_timeobj.lua", "csv2db.sh", "vnet_zone_api.sh", "vnet_init.sh", "vnet.sh", "vnet_core.sh", "vnet_zone_init.sh", "webfilter_func.sh", "web_func.sh", "websec_timeobj.lua", "start_rule.sh", "wireguard-up.sh", "wireguard-down.sh", "auth_port_modify.sh", "core_wportal.sh", "zone_api.sh", "zone_core.sh", "zone_api_all.sh", "zone_conf.sh", "zone_init.sh", "zone_api_core.sh", "zone_init_all.sh", "note", "devstatus", "firstboot", "fixup-mac-address", "fw", "hotplug-call", "ifdown", "ifstart", "ifrestart", "ifstatus", "loadopenvpncert", "log_oops_recovery.sh", "luci-reload", "ifup", "reload_config", "restorefactory", "smp.sh", "snapshot", "sysupgrade", "wifi", "ubi_make_extra_volume.sh", "ipset.debug", "ipxd", "iptables.debug", "ipxr", "wifidog-init", "radiusclient-ng.h", "dpi.sh", "libradiusclient-ng.la", "libstdc++.so.6.0.21-gdb.py", "dynamic_dns_dyndns.sh", "dynamic_dns_log.sh", "customddns_set_url.sh", "url_escape.sed", "dynamic_dns_customddns.sh", "dynamic_dns_noip.sh", "dynamic_dns_updater.sh", "dynamic_dns_functions.sh", "dpi_log_database.lua", "dpi_log_database.sh", "dpi_tmngtd.sh", "_updown", "ngx_init.lua", "authlistCheck.lua", "ngx_wdas.lua", "ngx_sqlApi.lua", "cell_valueheader.htm", "cell_valuefooter.htm", "dvalue.htm", "compound.htm", "dynlist.htm", "browser.htm", "apply_xhr.htm", "firewall_zoneforwards.htm", "button.htm", "firewall_zonelist.htm", "delegator.htm", "footer.htm", "full_valuefooter.htm", "full_valueheader.htm", "fvalue.htm", "header.htm", "lvalue.htm", "map.htm", "mvalue.htm", "network_ifacelist.htm", "network_netinfo.htm", "network_netlist.htm", "nsection.htm", "nullsection.htm", "simpleform.htm", "tabcontainer.htm", "tabmenu.htm", "tblsection.htm", "tsection.htm", "tvalue.htm", "ucisection.htm", "upload.htm", "value.htm", "valuefooter.htm", "valueheader.htm", "error404.htm", "error500.htm", "indexer.htm", "sysauth.htm", "debug.lua", "mbimfind.lua", "log_awk", "modem_scan.sh", "check_switchmode.lua", "protofind.lua", "handle_card_process.sh", "search_tty.lua", "handle_card.sh", "unlock_pin.sh", "getisp.sh", "usbmodem_log.sh", "modemLedCtrl.sh", "portal_mgmt_monitor.lua", "portal_mgmt_monitor.sh", "rewrite.lua", "portal_status.sh", "hardware.txt", "jshn.sh", "default.script", "dbus-K5ae4EDHao", "osui.sock", "qipc_sharedmemory_xFMOjWbQizvIQbjaGodBkPpoECFzUYyznnjEncea48051f6b8a69e2450843f1f32c0bb393e04349", "qipc_systemsem_xFMOjWbQizvIQbjaGodBkPpoECFzUYyznnjEncea48051f6b8a69e2450843f1f32c0bb393e04349", "sddm-:0-BoTuTx", "sddm-auth-52b94a64-454a-4d7f-903e-32df6aac784a", "tmp.QMAjonKZB0", "xF43MOjWbQiz+vIQbjaGodBk4PpoECFzUYyznnj8Enc=", "about.svg", "about_hover.svg", "ie.css", "style.css", "widget.css", "access_control.html", "account_config.html", "account_mngt.html", "action_check.html", "alg.html", "appdist.html", "appdist_database.html", "appflow_statistics.html", "application_filter.html", "application_list.html", "arp_list.html", "arp_scan.html", "assign_restriction.html", "attack-defense.html", "balance_basic.html", "bridge.html", "bwlist_qq.html", "cmxddns.html", "controller_setting.html", "country_group.html", "custom_ddns.html", "ddm.html", "dhcp_client.html", "dhcp_lan_settings.html", "dhcp_lan_settings_standalone.html", "dhcp_server.html", "dhcp_static.html", "diagnostic.html", "dia_info.html", "dns_cache.html", "dns_doh.html", "dns_dot.html", "dnsproxy.html", "dnssec.html", "dyn3322ddns.html", "dynddns.html", "firmware_backuprestore.html", "firmware_factory.html", "firmware_managing.html", "firmware_reboot.html", "firmware_reseting.html", "firmware_upgrade.html", "gre_overipsec.html", "ifstat.html", "imb.html", "interface.html", "interface_mac.html", "interface_mode.html", "interface_wan.html", "interface_wan_standalone.html", "ipgroup_address.html", "ipgroup_group.html", "ipgroup_view.html", "ippool.html", "ips_blacklists.html", "ipsec_sa.html", "ipsec_tunnel.html", "ips_setting.html", "ips_signature_suppression.html", "ips_stats.html", "ip_stats.html", "ips_threat_management.html", "ips_whitelists.html", "iptv.html", "ipv6.html", "ipv6group_address.html", "ipv6group_group.html", "ipv6_lan.html", "isp_routing.html", "l2tp_client.html", "l2tp_global.html", "l2tp_server.html", "l2tp_tunnel.html", "ldap_profiles.html", "line_backup.html", "macFiltering.html", "mdns.html", "napt.html", "nat_dmz.html", "noipddns.html", "one_nat.html", "online.html", "openvpn_client.html", "openvpn_server.html", "openvpn_tunnel.html", "ospf.html", "phddns.html", "policy_routing.html", "port_trigger.html", "pptp_client.html", "pptp_global.html", "pptp_server.html", "pptp_tunnel.html", "preview_mobile_wifi.html", "preview_remind.html", "preview_wportal.html", "print_server.html", "qos.html", "qos_Band_ctrl.html", "qos_Class_role.html", "qos_Traffic.html", "qos_VoIP.html", "quick_setup.html", "reboot_schedule.html", "remote_mngt.html", "rip_routing.html", "rules.html", "service.html", "session_limits.html", "session_monitor.html", "sessmngr.html", "snmp.html", "ssl_vpn_auth.html", "ssl_vpn_auth_radius.html", "ssl_vpn_locked_user.html", "ssl_vpn_quicksetup.html", "ssl_vpn_server.html", "ssl_vpn_status.html", "ssl_vpn_tunnel.html", "ssl_vpn_tunnel_group.html", "ssl_vpn_user.html", "ssl_vpn_user_group.html", "static_routing.html", "switch_Parameter.html", "switch_portLimit.html", "switch_portMonitor.html", "switch_portStatistics.html", "switch_portStatus.html", "switch_portVlan.html", "sys_status.html", "system_log.html", "system_mode.html", "system_params.html", "system_routetbl.html", "system_state.html", "time_mngt.html", "time_setting.html", "upnp.html", "url_filtering.html", "usb_backup.html", "usb_firmware_upgrade.html", "usbModem.html", "usb_storage.html", "usermngr_backup.html", "usermngr_user.html", "virtual_server.html", "vlan_portSetting.html", "vlan_relationTbl.html", "vlan_vlanSetting.html", "vpn_general.html", "vpn_peers.html", "vpn_user.html", "vpn_wireguard.html", "web_filter.html", "web_group.html", "web_security.html", "wechat.html", "wechat_wifi.html", "wizard.html", "wportal.html", "wportal_free.html", "advanced.html", "basic.html", "encrypt.js", "excanvas.js", "html5.js", "jquery.flot.barnumbers.js", "jquery.flot.crosshair.js", "jquery.flot.fillbetween.js", "jquery.flot.js", "jquery.flot.pie.min.js", "jquery.json-2.4.min.js", "jquery.min.js", "jquery.scrollTo.min.js", "md5.js", "button.js", "buttongroup.js", "checkbox.js", "combobox.js", "fieldset.js", "file.js", "folderTree.js", "form.js", "number.js", "password.js", "portrange.js", "progressbar.js", "radio.js", "region.js", "slider.js", "status.js", "subnet.js", "switch.js", "textarea.js", "textbox.js", "time.js", "timepicker.js", "tip.js", "waitingbar.js", "editor.js", "grid.js", "paging.js", "chart.js", "foldertree.js", "keyword.js", "msg.js", "page.js", "panel.js", "wizard.js", "widget.js", "proxy.js", "store.js", "treestore.js", "controller.js", "su.full.min.js", "su.js", "account.2ca6a054.js", "chunk-vendors.0cdf10f0.js", "index.a415cbb4.js", "login.4f52b876.js", "chunk-common.72de4705.css", "account.html", "app.manifest", "cs_dis.html", "error.html", "index.html", "login.html", "mobile_wifi.html", "pcauth.js", "pc_wifi.html", "style-pcdemo.css", "style-simple-follow.css", "web_login.html", "cbi.js", "xhr.js" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1520", "name": "Domain Generation Algorithms", "display_name": "T1520 - Domain Generation Algorithms" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 38, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Merkd1904", "id": "196517", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CIDR": 11, "hostname": 491, "FileHash-SHA256": 3479, "FileHash-MD5": 67, "domain": 312, "FileHash-SHA1": 61, "email": 20, "URL": 373 }, "indicator_count": 4814, "is_author": false, "is_subscribing": null, "subscriber_count": 72, "modified_text": "757 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6605781ad51380e5b1c22815", "name": "haul from the last two weeks of wrangling - presumed malware and IOC's found on my personal devices", "description": "nearing the two year mark of the first initial attack - unfortunately OTX was only able to pull domains from the large majority of files uploaded which seems to be a built in anti-debug feature and goes with the theme and \"look & feel\" of this latest iteration being that most of them were somehow someway remote and acting as a net file system on my machine", "modified": "2024-04-27T02:04:29.606000", "created": "2024-03-28T14:00:58.809000", "tags": [ "dddf", "target", "dddj", "path", "base o", "base", "backupfile", "base rw", "exit", "date", "hell", "gnu libtool", "please do", "linker", "lsmime3 lnss3", "lplc4 lnspr4", "ludev", "directory", "lmagic ljansson", "feugiat", "lorem ipsum", "nulla facilisi", "malesuada", "etiam tempor", "suspendisse", "consectetur", "bibendum", "amet", "eget aliquet", "basesectors", "date echo", "default", "label", "kernel", "append rhgb", "clsid", "systemroot", "webbrowser", "ispell", "imagemagick", "flex", "zle c", "whois", "locate", "rubber", "chown", "ruby", "ninja", "pacman", "restart", "kill", "django", "mark", "repl", "service", "term", "mkdir", "borg", "black", "conan", "dolphin", "dotnet", "hello", "john", "generic", "find", "shutdown", "mozilla", "first", "subsystem", "action", "goto", "load", "devtype", "idnetdriver", "drivers", "program", "interface", "nmunmanaged", "ethernet", "mac prefix", "attr", "virtualbox host", "mac address", "interface name", "hello world", "unit", "timer", "onbootsec5min", "install", "wait online", "networkmanager", "edit", "note", "typeoneshot", "cloud", "optin", "helper", "for testing", "only", "restrict", "grant", "enable debug", "trace", "killmodeprocess", "typedbus", "reload", "capdacoverride", "dhcp etc", "include", "yara", "cflags", "libs", "xxx remove", "the author", "this software", "isc license", "copyright", "schlueter", "permission", "software is", "provided", "as is", "disclaims all", "direct", "require", "semver", "comparator", "range", "releasetypes", "simple", "tilde", "09azaz", "prerelease", "same", "beta", "semverrangesgtr", "semverrangesltr", "coerce version", "ranges", "alpha", "standalone", "exits", "null", "false", "reverse", "compare", "a javascript", "copyright isaac", "typeerror", "maxsafeinteger", "maxlength", "break", "error", "number", "drop", "same direction", "symbol", "comp", "const", "caret", "flagloose", "xrange", "parse", "identifier", "object", "match", "string", "walk", "manually", "stop", "highhaspre", "major", "minor", "patch", "istanbul", "preminor", "index", "regexp", "build metadata", "meaning", "replace", "token", "zero", "star", "infinity", "return", "a cache", "build status", "coverage status", "the same", "options", "before", "lrulist", "cache", "length", "dispose", "maxage", "allowstale", "nodisposeonset", "yallist", "node", "array", "head", "function", "tail", "start", "insert", "just", "node object", "barbar", "array method", "default export", "any comparator", "complex range", "simple range", "c1 c2", "outer", "every simple", "ecomp", "must", "clone", "case", "ignore", "setmin", "determine", "version", "typeof", "contribute", "status", "node package", "manager", "benchmark suite", "installation", "direct download", "ql https", "node version", "usage", "project", "calendar", "package", "source", "license", "source form", "perl foundation", "distributor fee", "distribute", "standard", "neither", "module", "basecommand", "lifecyclecmd", "base command", "pacote", "browser", "workspace", "pkgname", "await", "boolean", "base class", "wrapwidth", "chalk", "command", "config", "npmcliconfig", "logfile", "timers", "display", "location", "audit", "arboristcmd", "arborist", "global", "whoami", "async", "json", "view", "pref", "pckmnt", "resolve", "utf8", "libnpmversion", "unstar", "update", "save", "omit", "packagelock", "dryrun", "force", "libnpmaccess", "spec", "uninstall", "todo", "enoent", "enotdir", "test", "scriptshell", "scope", "team", "create", "user", "libnpmteam", "destroy", "table", "list", "cidr", "stars", "eneedauth", "shrinkwrap", "rename", "npmcliarborist", "value", "unicode", "sbom", "cyclonedx", "build", "sbomformats", "response", "software bill", "look", "script", "runscript", "indent", "root", "minipass", "search", "pipeline", "filterstream", "libnpmsearch", "long", "grab", "packageurlcmd", "repo", "info", "repo const", "rebuild", "reifycmd", "publish", "libnpmpack", "npmclirunscript", "prune", "remove", "prefix", "args", "queryable", "packagejson", "pong", "cleanurl", "registry", "pack", "load tarball", "noise", "query", "edge", "etarget", "e403", "e404", "outdated", "homepage", "developer", "admin", "owner", "libnpmorg", "npmfetch", "logout", "getauth", "invalid", "parent", "depth", "type", "filteredby", "dedupe", "problems", "login", "link", "util", "installcitest", "runs", "prop", "password", "profile", "mode", "email", "twitter", "hook", "libnpmhook", "init", "wpath", "installtest", "complete", "globaltop", "help", "viewer", "glob", "pattern", "file", "globify", "explore", "shell", "handle", "fund", "which", "fundingsource", "archy", "explain", "helpsearch", "text", "part", "editor", "editor const", "childprocess", "check", "nodemodules", "docs", "promisify", "doctor", "cacache", "mask", "win32", "disttag", "packagespec", "semver range", "delete", "diff", "workspacepath", "actualtree", "libnpmdiff", "deprecate", "message", "write", "clean", "spawn", "compline", "comppoint", "compcword", "epipe", "completion", "compfish", "os x", "bugs", "report", "adduser", "exec", "libnpmexec", "localprefix", "runpath", "skip", "public key", "npmauditreport", "access", "item", "finddupes", "syntaxerror", "getcli", "eventemitter", "abort", "ssri", "columnify", "bundled", "tarball details", "sha1", "daily", "latest", "check daily", "weekly", "cyclonedxschema", "cyclonedxformat", "proppath", "propbundled", "propdevelopment", "propextraneous", "propprivate", "refvcs", "refwebsite", "crypto", "readpassword", "readusername", "reademail", "enter", "enter otp", "otpprompt", "afaf09", "passwordprompt", "auditerror", "getfundinginfo", "json output", "data", "append", "maybeindex", "ontimeend", "name", "returns", "noassertion", "spdxidentifer", "spdxdatalicense", "reldescribes", "reldep", "reftypepurl", "spdxid", "eotp", "e401", "setinterval", "npmlog", "proclog", "maxlogsperfile", "fsminipass", "open", "colmax", "colmin", "colgutter", "quick help", "convert", "b return", "mb return", "gb return", "sigint", "readline", "prompt", "promise", "eresolve error", "overridden", "peer", "extraneous", "optional", "isworkspace", "maxlen", "code", "unfinished", "notice", "isshellout", "matcherrorcode", "devnull", "npmcompletion", "compwords", "compreply", "o default", "f npmcompletion", "ifs compadd", "fish shell", "l cmd", "taken", "comp stuff", "lx compline", "abbrev", "please", "enyi", "json version", "cygwin", "c1 control", "numbers", "x09 x0a", "10000", "nodemodulesnpm", "builtin", "npmrc", "notsup", "notarget", "nospc", "rofs", "author", "npmclifs", "minimatch", "pathtofoo", "relative", "synopsis", "description", "field", "person", "configuration", "whether", "premajor", "prepatch", "prevents", "run git", "upgrade", "examples", "will", "shareman", "cidr whitelist", "please refer", "tokenid", "eslint", "c eslint", "compatibility", "older", "versions", "nodeoptions", "details", "output", "example", "posix", "unstarring", "lcall", "starring", "lock", "materials", "spdx", "lodash", "nodeenv", "initcwd", "boolean set", "boolean tells", "windows", "unix", "selector", "use cases", "queries", "equivalent", "boolean show", "nocolor environ", "cli look", "boolean force", "dependency", "json object", "production", "files", "cicd system", "property", "change", "url opener", "basic auth", "allow", "description a", "removes", "semvermajor", "ping https", "ping http", "found", "get http", "example add", "json format", "handy", "display prefix", "g usrlocal", "mycorp", "associate", "deprecated", "libnodemodules", "caveat note", "workspace usage", "string override", "tarball", "githubrepo", "initializer", "usrfoo", "forwarding", "suppose", "commandsnpm", "hooks", "url endpoint", "browse", "consider", "ci environment", "string optional", "promzard", "top level", "expect", "javascript", "it staff", "https", "cli team", "ecmascript", "readme", "package current", "latest location", "depended", "git repos", "git dependency", "newest version", "modify package", "description add", "show", "purpose tags", "tags", "keyvalue", "16 16", "boolean ignore", "boolean do", "string source", "treat", "example make", "grep", "travis ci", "details npm", "localappdata", "tab completion", "bulk advisory", "sha256publickey", "endpoint", "quick audit", "set access", "that user", "scoped", "python", "description npm", "node javascript", "important npm", "introduction", "c code", "unix system", "integrity", "provide", "facilitate", "cli tool", "handling old", "lockfiles", "file format", "legacy", "urls", "spdx license", "most", "barney rubble", "specify", "github", "dependencies", "github urls", "node installer", "linux", "overview", "windows node", "prefixetcnpmrc", "variablename", "home", "comments", "peruser config", "global config", "builtin config", "auth", "cycles", "local install", "global install", "appdata", "below", "please note", "stage", "after", "life cycle", "runs after", "post scripts", "scripts", "slate", "synopsis so", "rf usrlocal", "modules", "with", "laf usrlocal", "l npm", "description all", "installing", "myorgmypackage", "requiring", "publishing", "private modules", "scopes", "apis", "auth related", "does", "package name", "aliases", "folders", "os equivalent", "tarballs", "teams", "orgs", "super admin", "team admins", "developer guide", "description so", "be explicit", "blank", "standard glob", "link packages", "syntax", "selectors", "querying", "log file", "location all", "log levels", "information", "headers", "logs", "alias", "certificate", "format", "docext", "content", "descriptions", "shorthands", "keyb", "print", "dir1", "manual", "input", "line", "process", "display help", "dirs", "get contents", "maxdepth", "contents", "u2665 bxe5r", "ud834udf06 baz", "single", "cssesc", "usage arborist", "commands", "options most", "npm install", "npm rm", "time", "silent", "fetch", "conf", "handler", "extract", "additional", "jackspeak", "jack", "glob v", "expand", "drive letter", "never", "true", "rob browning", "gnu library", "general", "public license", "license file", "future import", "adderror", "cdfq", "charles levert", "egrep", "egrepegrep", "fgrepfgrep", "grepgrep", "svr4 grepegrep", "times", "attributeerror", "fixcygwinid", "enhanced", "false try", "false assert", "tsns", "inetaddress", "none", "return value", "unixaddress", "localrepo", "httpserver", "valueerror", "resourcepath", "exception", "eoferror", "c version", "bytesio", "offset", "binary", "ascii", "baseversion", "commit", "throw", "in n", "send", "data end", "if 10", "copy", "send logoutn", "exitatoi", "tmplink", "lcallc binls", "varlogsetup rm", "sf tmp", "slackware", "system console", "entry", "ansi mode", "b007e", "slackware ftp", "cdrom", "miquel van", "smoorenburg", "okay", "minix", "fixme", "overwrite", "connect", "ssh connection", "subcmd", "bbupttywidth", "bupforcetty", "hashsplitter", "b options", "false def", "hack", "kbytesr", "srcpath", "tmptagfiles", "device", "tmpreply", "reply", "including", "but not", "quotesplit", "quoteerror", "not word", "split line", "mainselect", "tpxetcfstab", "select", "slackware linux", "varlogmount", "anything", "tmpswapmsg", "swappart", "ndir", "swaplist", "tmpsetswap", "linux swap", "swap space", "redir", "linux fdisk", "tmptmpscript", "eof fi", "instsets", "gnome", "tmpsetds", "tmpsetseries", "gnu emacs", "gnome desktop", "linux kernel", "k desktop", "uucp", "tmp fi", "tmpsettpx", "tpxetcshadow", "root password", "detected", "internet", "press", "linux native", "partitions", "tmpreturn", "nodes", "nextpartition", "rootdevice", "mtpt", "size", "formatting", "doformat", "main", "done", "sourcemedia", "tmpmedia", "source media", "selection", "slackware cd", "network file", "tmpsetreturn", "maketag", "choice", "mount", "tagext", "tmpsetnewtag", "tmpsettagmake", "sorry", "tmpsetkeymap", "mapname", "moorhead", "keyboard map", "us keyboard", "updown", "copying", "kernel chmod", "kernel rdev", "lilo", "fullerr", "tmpsettestfull", "partition full", "setup", "altf2", "slackware setup", "dospart", "newdir", "tmptempscript", "tmpsetdos", "partition", "ntfs", "doslist", "installscripts", "tpxproc", "atapi cd", "kerberos", "file transfer", "iana", "appletalk", "network", "control", "secure shell", "chat", "contact", "prospero", "outtag", "outshift", "if 30", "conn", "setmode", "dumb", "smart", "clienterror", "rather", "stopiteration", "firstexclusion", "appendcommit", "firstbranchitem", "filterbranch", "origtip", "oldnew", "remoterepo", "group", "prevpath", "sisdir import", "dangerous", "count", "subcount", "ioerror", "oserror", "gitmodetree", "gitmodefile", "gitmodesymlink", "stack", "nonlocal", "revision", "presdir", "admdirpackages", "warn", "tmprequiredlist", "trigger", "arch", "procscsiscsi", "luns", "scsi", "ax1b", "skript", "scsi bus", "kurt garloff", "gnu gpl", "ieee1394", "l found0", "nextrepoid", "repoid", "realpath", "usb keyboard", "d libmodules", "nousb", "procbususb a", "procbususb fi", "load input", "q input", "inet system", "hostname", "attach", "etcmotd", "newdisk", "scan", "slackkernel", "ram disk", "r sbp2", "r ieee1394", "firewire", "noieee1394", "q ieee1394", "attempt", "use f", "none def", "return password", "return none", "passwd", "nametopwdcache", "gidtogrpcache", "nametogrpcache", "tagfile", "prompt mode", "help software", "less", "removepkg", "gnu cc", "linux source", "pkgtool", "proccmdline", "termvt100", "termlinux", "homeroot lessmm", "ps1u", "home path", "display less", "term ps1", "kind", "branch", "period", "tmpsetfdisk", "minor elif", "smashedline", "l dev", "tmpsetfdisk fi", "probe", "mylex", "raid", "disksets", "packagedir", "blurb", "sourcedir", "tmptmpmsg", "tmptagfile", "media", "pcmcia", "umountcdrom", "o ro", "floppy", "pcmcia andor", "cardbus", "usedflopfalse", "libdir", "libdir exedir", "bcmd", "exedir", "openssl set", "packageversion", "versiongreater", "invert", "optdict", "intify", "limited to", "sockets layer", "argv", "normally", "shutwr", "sigexception", "demuxconn", "pipe import", "demultiplex", "openssl", "debug", "opensslversion", "static imported", "target openssl", "cmake", "shared imported", "fatalerror", "obex", "import", "stringio import", "obex service", "bdaddr channeln", "ascii character", "alength", "notfoundreturn", "use nis", "nis version", "name service", "switch config", "legal", "use dns", "domain name", "os2 boot", "os2 fdisk", "partition magic", "boot manager", "tcpip subsystem", "nfs install", "network support", "make", "sample file", "zip disk", "zip drive", "first scsi", "first ide", "atari", "solaris", "drive x", "zip100", "linkdir", "linkdir fi", "tmp directory", "asap", "linkdir tmp", "indexerror", "want", "midxversion", "wrapper", "multiple index", "filename", "desiredhwm", "domidx", "exitstack", "total", "option", "c option", "vmsize", "vmrss", "vmdata", "vmstk", "majflt", "september", "guess object", "longmatch", "raid device", "devrd", "devname", "concord", "applyerror", "metadata", "einval", "macos", "frozen", "fifo", "common code", "faildelay", "faillogenab", "logunkfailenab", "logoklogins", "lastlogenab", "mailcheckenab", "quotasenab", "syslogsuenab", "syslogsgenab", "console console", "ttywidth", "baseexception", "pythonpath", "pipe", "sigismember", "xdropaqueauth", "libcpvalloc", "rtld", "gnu c", "library", "free software", "foundation", "gnu lesser", "general public", "merchantability", "refs", "keyerror", "important", "carefully", "kwargs", "super", "true result", "priority", "pmsg", "crunch", "tmptempmsg", "localnetmask", "localipaddr", "upnrun", "ip address", "localgateway", "kversion", "eof dialog", "tmpmask", "localnetwork", "slackdevice", "fgrep", "ftp site", "tmpsetmount", "reboot machine", "tmpwhichdrv", "tmpsetmount cat", "select floppy", "drive", "tmptempmsg exit", "tmptempmsg mv", "tmpsourcedir", "drivefound", "cddvd", "rdir", "cddvd drive", "tmpsetcddev", "ide bus", "tmperrordo exit", "third", "login binsh", "l ttys0", "l ttys1", "x0 s", "reboot", "stuff", "bupdir", "iterhelper", "next", "none d", "indexhdr", "ixexists", "ixhashvalid", "ixshamissing", "indexsig", "entlen", "footersig", "tmpdir", "experimental", "bdupcache", "brestore", "bindex", "agulbra", "tcpip", "linux box", "hlinkdb", "verify", "maxpertree", "bupblobbits", "buptreeblobbits", "giterror", "mpicount", "bupnormal", "bupchunked", "refresh", "close", "dump", "dest", "commonargs", "ref dest", "pick", "btree", "missingobject", "bloom filter", "existingcount", "idxlivecount", "ram budget", "bupfs", "importerror", "fuse", "verbose", "fakemetadata", "fsdecode", "ptraceerror", "ptracesetregs", "cpu64bits", "ptraceattach", "ptracedetach", "ptracesyscall", "cpuwordsize", "runningbsd", "ext2", "proc proc", "commanderror", "optionerror", "lcctype", "iso88591", "localrepo repo", "sbine2fsck", "bfailed", "elif", "bcanary", "posix acls", "linux partition", "move", "pgdnspace", "olargefile", "onofollow", "xdev", "xdevxdev", "dirlist", "prepend", "cyan", "white", "blue", "dialog box", "yellow", "active button", "inactive button", "search box", "input box", "green", "excluderxs", "doit", "s seed", "this command", "is extremely", "dangerous n", "chunksize", "socket", "return hex", "supports python", "rethrow", "hostrs", "bnone", "bload", "branchpath", "snapshotroot", "snapshot", "tmpidx", "bashsource", "bashlineno", "int dryrun", "importing", "ux f", "sbinbrc", "eof binsync", "unmounting file", "devnull echo", "rest", "first assert", "existing", "restcount", "none path", "maxbloombits", "bloomversion", "maxbitseach", "discussion", "k4 k5", "k6 k7", "k8 k9", "rvatoi", "exitrv", "exit 1", "noblock", "sisdir", "sislnk", "writetree", "rawtreeitem", "splittreeitem", "metadataro", "meta", "builtmodulename", "dkms", "packagename", "autoinstall", "kernelrelease", "kbuild", "kerneluname", "implementation", "murmurhash3", "jens taylor", "gary court", "austin appleby", "typeof h", "later", "tls1", "fbtfr", "fbfr", "apache http", "fbefr", "fbhfr", "fbabfr", "http", "keepalive", "sandbox", "malware", "analysis", "online", "submit", "vxstream", "sample", "download", "trojan", "apt", "runtime data", "ansi", "getprocaddress", "access type", "ck id", "observed ja3", "mitre att", "show technique", "suspicious", "hybrid", "click", "delphi", "strings", "malicious", "february", "middle", "exploit", "gameover", "hybrid analysis", "api key", "vetting process", "ck matrix", "accept", "memoryfile scan", "invalid octet", "falcon sandbox", "tmpp59thrck", "informative", "name tactics" ], "references": [ "itl-logo.txt", "empty.exe", "libnm.la", "libyara.la", "sunjava_map.xml", "lorem.txt", "stage2", "q\u00e9\u00d5?e\u00ac\u00d2\u00b6.\u000f\u001c\u00cc", "syslinux.cfg", "x.jnlp", "desktop.ini", "a.txt", "a.txt:ads.txt", "dir:ads.txt", "b.txt:ads.txt", "no_ads.txt", ".:ads.txt", "b.txt", "nm-shared.xml", ".zcompdump-m1904-5.9", ".zcompdump", "90-nm-thunderbolt.rules", "84-nm-drivers.rules", "85-nm-unmanaged.rules", "???? ????????.txt", "notes.txt", "notes.txt:ads", "nm-cloud-setup.timer", "NetworkManager-wait-online.service", "nm-cloud-setup.service", "nm-priv-helper.service", "NetworkManager-dispatcher.service", "NetworkManager.service", "NetworkManager-ovs.conf", "nm-pppd-plugin.la", "yara.pc", "libnm.pc", "preload.js", "LICENSE", "index.js", "range.bnf", "package.json", "README.md", "semver.js", "comparator.js", "range.js", "valid.js", "sort.js", "satisfies.js", "rsort.js", "rcompare.js", "prerelease.js", "patch.js", "neq.js", "minor.js", "major.js", "lt.js", "inc.js", "parse.js", "gt.js", "eq.js", "gte.js", "compare-loose.js", "compare.js", "clean.js", "cmp.js", "coerce.js", "compare-build.js", "diff.js", "lte.js", "parse-options.js", "identifiers.js", "debug.js", "constants.js", "re.js", "yallist.js", "iterator.js", "subset.js", "to-comparators.js", "outside.js", "min-version.js", "min-satisfying.js", "max-satisfying.js", "ltr.js", "simplify.js", "intersects.js", "gtr.js", "npmrc", "cli.js", "lifecycle-cmd.js", "cli-entry.js", "package-url-cmd.js", "base-command.js", "npm.js", "arborist-cmd.js", "whoami.js", "view.js", "version.js", "unstar.js", "update.js", "unpublish.js", "uninstall.js", "test.js", "team.js", "stop.js", "start.js", "token.js", "stars.js", "shrinkwrap.js", "set.js", "star.js", "sbom.js", "run-script.js", "root.js", "search.js", "repo.js", "restart.js", "rebuild.js", "publish.js", "prune.js", "prefix.js", "pkg.js", "ping.js", "pack.js", "query.js", "outdated.js", "org.js", "owner.js", "logout.js", "ls.js", "ll.js", "login.js", "link.js", "install-ci-test.js", "profile.js", "hook.js", "init.js", "install-test.js", "install.js", "help.js", "explore.js", "fund.js", "explain.js", "help-search.js", "get.js", "edit.js", "docs.js", "doctor.js", "dist-tag.js", "dedupe.js", "deprecate.js", "ci.js", "config.js", "completion.js", "bugs.js", "adduser.js", "exec.js", "audit.js", "access.js", "cache.js", "find-dupes.js", "validate-engines.js", "web-auth.js", "tar.js", "update-notifier.js", "sbom-cyclonedx.js", "replace-info.js", "read-user-info.js", "reify-output.js", "queryable.js", "timers.js", "validate-lockfile.js", "sbom-spdx.js", "otplease.js", "pulse-till-done.js", "log-shim.js", "log-file.js", "npm-usage.js", "get-identity.js", "format-bytes.js", "open-url-prompt.js", "explain-eresolve.js", "explain-dep.js", "exit-handler.js", "open-url.js", "did-you-mean.js", "completion.sh", "completion.fish", "cmd-list.js", "auth.js", "audit-error.js", "is-windows.js", "display.js", "reify-finish.js", "error-message.js", "format-search-stream.js", "installed-shallow.js", "installed-deep.js", "update-workspaces.js", "get-workspaces.js", "npm-view.md", "npm-version.md", "npm-uninstall.md", "npm-token.md", "npx.md", "npm-team.md", "npm-stop.md", "npm-unstar.md", "npm-start.md", "npm-star.md", "npm-test.md", "npm-shrinkwrap.md", "npm-stars.md", "npm-sbom.md", "npm-root.md", "npm-run-script.md", "npm-restart.md", "npm-rebuild.md", "npm-query.md", "npm-search.md", "npm-prune.md", "npm-publish.md", "npm-profile.md", "npm-repo.md", "npm-whoami.md", "npm-pkg.md", "npm-pack.md", "npm-ping.md", "npm-org.md", "npm-owner.md", "npm-prefix.md", "npm-login.md", "npm-logout.md", "npm-link.md", "npm-install-ci-test.md", "npm-install.md", "npm-init.md", "npm-update.md", "npm-help-search.md", "npm-hook.md", "npm-help.md", "npm-find-dupes.md", "npm-explore.md", "npm-unpublish.md", "npm-exec.md", "npm-ls.md", "npm-edit.md", "npm-doctor.md", "npm-fund.md", "npm-outdated.md", "npm-docs.md", "npm-dist-tag.md", "npm-config.md", "npm-diff.md", "npm-ci.md", "npm-cache.md", "npm-bugs.md", "npm-completion.md", "npm-audit.md", "npm-access.md", "npm.md", "npm-install-test.md", "npm-adduser.md", "npm-dedupe.md", "package-lock-json.md", "package-json.md", "npm-shrinkwrap-json.md", "install.md", "npmrc.md", "folders.md", "workspaces.md", "scripts.md", "removal.md", "scope.md", "registry.md", "package-spec.md", "orgs.md", "developers.md", "dependency-selectors.md", "logging.md", "config.md", "node-which", "mkdirp", "qrcode-terminal", "installed-package-contents", "cssesc", "color-support", "arborist", "pacote", "glob", "empty", "xstat (2).py", "zgrep", "xstat.py", "wtmp", "web.py", "vt300", "vt300 (2)", "vt100 (3)", "vt100", "vint.py", "version (2).py", "version.py", "vdecmd", "unmigrate (2).sh", "unmigrate.sh", "tick.py", "termcap (2)", "termcap", "tag.py", "syslinux (2).cfg", "syslog.conf", "syslog (2).conf", "styles.css", "stdcrt (2)", "std (2)", "stage2 (3)", "stage2 (2)", "std", "ssh.py", "source_info.py", "split.py", "slackinstall", "stdcrt", "shells", "shells (2)", "shquote.py", "shadow (2)", "shadow", "setup (2)", "SeTswap (2)", "SeTPKG (2)", "setup", "SeTswap", "SeTpasswd (2)", "SeTpasswd", "SeTnopart (2)", "SeTpartitions (2)", "SeTnopart", "SeTPKG", "SeTmedia (2)", "SeTpartitions", "SeTmedia", "SeTmaketag", "slackinstall (2)", "SeTkeymap (2)", "SeTmaketag (2)", "SeTkernel", "SeTfull (2)", "SeTkernel (2)", "SeTfull", "SeTfdHELP", "SeTfdHELP (2)", "SeTkeymap", "SeTDOS (2)", "SeTconfig (2)", "services (2)", "SeTDOS", "SeTconfig", "services", "sendcmd.rc", "securetty (2)", "securetty", "server.py", "rm.py", "restore.py", "rm (2).py", "save.py", "removepkg", "rescan-scsi-bus", "removepkg (2)", "README (2)", "README", "repo.py", "rc.usb", "rc.inet1", "rc.S", "rc.ieee1394", "random.py", "pwdgrp.py", "PROMPThelp (2)", "profile (2)", "prune_older.py", "profile", "probe (2)", "probe", "pkgtool", "pkgtool (2)", "pcmcia", "path.py", "passwd (2)", "passwd", "OpenSSLConfigVersion.cmake", "options.py", "PROMPThelp", "openssl.pc", "openmachine.rc", "on__server.py", "on.py", "OpenSSLConfig.cmake", "obexstress", "nsswitch (2).conf", "nsswitch.conf", "nopartHELP (2)", "nopartHELP", "networks (2)", "networks", "network", "mux.py", "mtools (2).conf", "mtools.conf", "mtab (2)", "mtab", "motd (2)", "motd", "modules.pcimap", "modules.pnpbiosmap", "modules.parportmap", "modules.usbmap", "modules.isapnpmap", "modules.ieee1394map", "modules.generic_string", "modules.dep", "migrate (2).sh", "migrate.sh", "midx.py", "midx (2).py", "meta.py", "memtest.py", "margin.py", "makedevs (2).sh", "makedevs.sh", "metadata.py", "ls (2).py", "ls.py", "login (2).defs", "main.py", "login.defs", "list_idx.py", "libssl.pc", "libnm-wwan.la", "libnm-ppp-plugin.la", "libnm-device-plugin-wwan.la", "libnm-device-plugin-wifi.la", "libnm-device-plugin-team.la", "libnm-device-plugin-bluetooth.la", "libnm-device-plugin-ovs.la", "libnm-device-plugin-adsl.la", "libcrypto.pc", "libc6-i386_2.31-0ubuntu6_amd64.url", "libc6-i386_2.31-0ubuntu6_amd64.info", "libc6-i386_2.30-4_amd64.url", "libc6-i386_2.31-0ubuntu6_amd64.symbols", "libc6-i386_2.30-4_amd64.info", "libc6-i386_2.30-4_amd64.symbols", "libc6-i386_2.30-0ubuntu2_amd64.url", "libc6-i386_2.30-0ubuntu2_amd64.info", "libc6-i386_2.30-0ubuntu2.1_amd64.url", "libc6-i386_2.30-0ubuntu2_amd64.symbols", "libc6-i386_2.30-0ubuntu2.1_amd64.info", "libc6-i386_2.29-0ubuntu2_amd64.url", "libc6-i386_2.29-0ubuntu2_amd64.symbols", "libc6-i386_2.29-0ubuntu2_amd64.info", "libc6-i386_2.28-10_amd64.url", "libc6-i386_2.28-10_amd64.info", "libc6-i386_2.28-10_amd64.symbols", "libc6-i386_2.28-0ubuntu1_amd64.symbols", "libc6-i386_2.28-0ubuntu1_amd64.info", "libc6-i386_2.27-3ubuntu1_amd64.url", "libc6-i386_2.27-3ubuntu1_amd64.symbols", "libc6-i386_2.28-0ubuntu1_amd64.url", "libc6-i386_2.27-3ubuntu1_amd64.info", "libc6-i386_2.26-0ubuntu2_amd64.url", "libc6-i386_2.26-0ubuntu2_amd64.info", "libc6-i386_2.26-0ubuntu2_amd64.symbols", "libc6-i386_2.26-0ubuntu2.1_amd64.url", "libc6-i386_2.26-0ubuntu2.1_amd64.info", "libc6-i386_2.24-11+deb9u4_amd64.url", "libc6-i386_2.30-0ubuntu2.1_amd64.symbols", "libc6-i386_2.26-0ubuntu2.1_amd64.symbols", "libc6-i386_2.24-9ubuntu2_amd64.symbols", "libc6-i386_2.24-11+deb9u4_amd64.symbols", "libc6-i386_2.24-9ubuntu2_amd64.url", "libc6-i386_2.24-9ubuntu2_amd64.info", "libc6-i386_2.24-9ubuntu2.2_amd64.url", "libc6-i386_2.24-9ubuntu2.2_amd64.symbols", "libc6-i386_2.24-9ubuntu2.2_amd64.info", "libc6-i386_2.24-3ubuntu2.2_amd64.url", "libc6-i386_2.24-3ubuntu2.2_amd64.info", "libc6-i386_2.24-3ubuntu2.2_amd64.symbols", "libc6-i386_2.24-3ubuntu1_amd64.url", "libc6-i386_2.23-0ubuntu11_amd64.url", "libc6-i386_2.24-3ubuntu1_amd64.symbols", "libc6-i386_2.24-3ubuntu1_amd64.info", "libc6-i386_2.23-0ubuntu11_amd64.symbols", "libc6-i386_2.23-0ubuntu11_amd64.info", "libc6-i386_2.23-0ubuntu10_amd64.url", "libc6-i386_2.23-0ubuntu10_amd64.symbols", "libc6-i386_2.23-0ubuntu10_amd64.info", "libc6-i386_2.23-0ubuntu3_amd64.symbols", "libc6-i386_2.23-0ubuntu3_amd64.info", "libc6-i386_2.21-0ubuntu4_amd64.url", "libc6-i386_2.23-0ubuntu3_amd64.url", "libc6-i386_2.21-0ubuntu4_amd64.info", "libc6-i386_2.21-0ubuntu4.3_amd64.url", "libc6-i386_2.21-0ubuntu4_amd64.symbols", "libc6-i386_2.21-0ubuntu4.3_amd64.info", "libc6-i386_2.19-18+deb8u10_amd64.url", "libc6-i386_2.19-18+deb8u10_amd64.symbols", "libc6-i386_2.19-18+deb8u10_amd64.info", "libc6-i386_2.19-10ubuntu2_amd64.url", "libc6-i386_2.19-10ubuntu2_amd64.symbols", "libc6-i386_2.21-0ubuntu4.3_amd64.symbols", "libc6-i386_2.19-10ubuntu2_amd64.info", "libc6-i386_2.19-10ubuntu2.3_amd64.symbols", "libc6-i386_2.24-11+deb9u4_amd64.info", "libc6-i386_2.19-0ubuntu6_amd64.url", "libc6-i386_2.19-10ubuntu2.3_amd64.url", "libc6-i386_2.19-10ubuntu2.3_amd64.info", "libc6-i386_2.19-0ubuntu6_amd64.info", "libc6-i386_2.19-0ubuntu6_amd64.symbols", "libc6-i386_2.19-0ubuntu6.15_amd64.info", "libc6-i386_2.19-0ubuntu6.15_amd64.url", "libc6-i386_2.19-0ubuntu6.15_amd64.symbols", "libc6-i386_2.17-93ubuntu4_amd64.url", "libc6-i386_2.17-93ubuntu4_amd64.info", "libc6-i386_2.17-0ubuntu5_amd64.url", "libc6-i386_2.17-93ubuntu4_amd64.symbols", "libc6-i386_2.17-0ubuntu5_amd64.info", "libc6-i386_2.17-0ubuntu5.1_amd64.url", "libc6-i386_2.17-0ubuntu5_amd64.symbols", "libc6-i386_2.17-0ubuntu5.1_amd64.symbols", "libc6-i386_2.17-0ubuntu5.1_amd64.info", "libc6-i386_2.15-0ubuntu20_amd64.url", "libc6-i386_2.15-0ubuntu20.2_amd64.url", "libc6-i386_2.15-0ubuntu20_amd64.symbols", "libc6-i386_2.15-0ubuntu20.2_amd64.info", "libc6-i386_2.15-0ubuntu20.2_amd64.symbols", "libc6-i386_2.15-0ubuntu10_amd64.info", "libc6-i386_2.15-0ubuntu10_amd64.url", "libc6-i386_2.15-0ubuntu20_amd64.info", "libc6-i386_2.15-0ubuntu10.18_amd64.url", "libc6-i386_2.15-0ubuntu10_amd64.symbols", "libc6-i386_2.15-0ubuntu10.18_amd64.info", "libc6-i386_2.13-20ubuntu5_amd64.url", "libc6-i386_2.13-20ubuntu5_amd64.info", "libc6-i386_2.13-20ubuntu5_amd64.symbols", "libc6-i386_2.13-20ubuntu5.3_amd64.url", "libc6-i386_2.13-20ubuntu5.3_amd64.info", "libc6-i386_2.13-20ubuntu5.2_amd64.url", "libc6-i386_2.13-20ubuntu5.3_amd64.symbols", "libc6-i386_2.15-0ubuntu10.18_amd64.symbols", "libc6-i386_2.13-20ubuntu5.2_amd64.info", "libc6-i386_2.13-0ubuntu13_amd64.url", "libc6-i386_2.13-0ubuntu13_amd64.info", "libc6-i386_2.13-20ubuntu5.2_amd64.symbols", "libc6-i386_2.13-0ubuntu13.2_amd64.url", "libc6-i386_2.13-0ubuntu13_amd64.symbols", "libc6-i386_2.12.1-0ubuntu10.4_amd64.url", "libc6-i386_2.13-0ubuntu13.2_amd64.info", "libc6-i386_2.12.1-0ubuntu10.4_amd64.info", "libc6-i386_2.13-0ubuntu13.2_amd64.symbols", "libc6-i386_2.12.1-0ubuntu6_amd64.info", "libc6-i386_2.11.1-0ubuntu7_amd64.url", "libc6-i386_2.12.1-0ubuntu6_amd64.symbols", "libc6-i386_2.12.1-0ubuntu10.4_amd64.symbols", "libc6-i386_2.12.1-0ubuntu6_amd64.url", "libc6-i386_2.11.1-0ubuntu7_amd64.info", "libc6-i386_2.11.1-0ubuntu7.21_amd64.info", "libc6-i386_2.11.1-0ubuntu7.21_amd64.symbols", "libc6-i386_2.11.1-0ubuntu7.12_amd64.url", "libc6-i386_2.11.1-0ubuntu7_amd64.symbols", "libc6-i386_2.11.1-0ubuntu7.11_amd64.url", "libc6-i386_2.11.1-0ubuntu7.21_amd64.url", "libc6-i386_2.11.1-0ubuntu7.12_amd64.symbols", "libc6-i386_2.11.1-0ubuntu7.11_amd64.info", "libc6-i386_2.11.1-0ubuntu7.11_amd64.symbols", "libc6-i386_2.10.1-0ubuntu19_amd64.url", "libc6-i386_2.10.1-0ubuntu19_amd64.info", "libc6-i386_2.10.1-0ubuntu19_amd64.symbols", "libc6-i386_2.10.1-0ubuntu15_amd64.info", "libc6-i386_2.10.1-0ubuntu15_amd64.symbols", "libc6-i386_2.11.1-0ubuntu7.12_amd64.info", "libc6-i386_2.9-4ubuntu6_amd64.url", "libc6-i386_2.9-4ubuntu6_amd64.info", "libc6-i386_2.9-4ubuntu6_amd64.symbols", "libc6-i386_2.10.1-0ubuntu15_amd64.url", "libc6-i386_2.9-4ubuntu6.3_amd64.info", "libc6-i386_2.8~20080505-0ubuntu9_amd64.url", "libc6-i386_2.9-4ubuntu6.3_amd64.symbols", "libc6-i386_2.9-4ubuntu6.3_amd64.url", "libc6-i386_2.8~20080505-0ubuntu9_amd64.info", "libc6-i386_2.8~20080505-0ubuntu7_amd64.url", "libc6-i386_2.7-10ubuntu8.3_amd64.url", "libc6-i386_2.8~20080505-0ubuntu7_amd64.info", "libc6-i386_2.7-10ubuntu8.3_amd64.info", "libc6-i386_2.7-10ubuntu3_amd64.url", "libc6-i386_2.8~20080505-0ubuntu7_amd64.symbols", "libc6-i386_2.7-10ubuntu3_amd64.symbols", "libc6-i386_2.7-10ubuntu3_amd64.info", "libc6-i386_2.6.1-1ubuntu10_amd64.url", "libc6-i386_2.6.1-1ubuntu10_amd64.symbols", "libc6-i386_2.6.1-1ubuntu10_amd64.info", "libc6-i386_2.7-10ubuntu8.3_amd64.symbols", "libc6-i386_2.6.1-1ubuntu9_amd64.url", "libc6-i386_2.6.1-1ubuntu9_amd64.info", "libc6-i386_2.6.1-1ubuntu9_amd64.symbols", "libc6-i386_2.5-0ubuntu14_amd64.symbols", "libc6-i386_2.5-0ubuntu14_amd64.info", "libc6-i386_2.4-1ubuntu12_amd64.url", "libc6-i386_2.4-1ubuntu12_amd64.symbols", "libc6-i386_2.4-1ubuntu12_amd64.info", "libc6-i386_2.8~20080505-0ubuntu9_amd64.symbols", "libc6-i386_2.4-1ubuntu12.3_amd64.url", "libc6-i386_2.4-1ubuntu12.3_amd64.info", "libc6-i386_2.5-0ubuntu14_amd64.url", "libc6-i386_2.3.6-0ubuntu20_amd64.url", "libc6-i386_2.3.6-0ubuntu20_amd64.symbols", "libc6-i386_2.3.6-0ubuntu20_amd64.info", "libc6-i386_2.3.6-0ubuntu20.6_amd64.url", "libc6-i386_2.3.6-0ubuntu20.6_amd64.info", "libc6-i386_2.3.6-0ubuntu20.6_amd64.symbols", "ldd", "libc6-i386_2.4-1ubuntu12.3_amd64.symbols", "ld.so (2).conf", "ld.so.conf", "join.py", "itl-logo (3).txt", "itl-logo (2).txt", "issue", "issue (2)", "io.py", "installpkg", "INSNFS (2)", "installpkg (2)", "INSNFS", "INShd", "INShd (2)", "INSfd (2)", "INSfd", "INSdir (2)", "INSdir", "INSCD", "INSCD (2)", "inittab (2)", "inittab", "init.py", "__init__ (2).py", "__init__.py", "index (2).py", "index.py", "import_duplicity.py", "hosts (2)", "hosts", "host (2).conf", "host.conf", "HOSTNAME", "hlinkdb.py", "help.py", "helpers.py", "HOSTNAME (2)", "hashsplit.py", "group (2)", "group", "gc (2).py", "git.py", "get.py", "gc.py", "fuse.py", "func.py", "fstab (2)", "fstab", "ftp.py", "fsck (2).ext2", "fsck (2).ext3", "fsck.ext3", "fsck.ext2", "fsck.py", "filesize", "features.py", "fdisk (2)", "fdisk", "FDhelp (2)", "FDhelp", "empty (3)", "empty (2)", "drecurse.py", "dialogrc", "dialogrc (2)", "disk2 (2)", "drecurse (2).py", "disk2", "damage.py", "daemon.py", "compat.py", "closemachine.rc", "checkout_info.py", "cfdisk (2)", "client.py", "cfdisk", "cat_file.py", "bup-import-rsnapshot", "bup-import-rdiff-backup", "brc (2)", "brc", "bloom (2).py", "bloom.py", "asyncrecv.rc", "90-nm-cloud-setup.sh", "vfs.py", "tree.py", "template-WaR2X6", "a1676298638", "a4033901479", ".X1-lock", ".X0-lock", ".X1024-lock", "b3336837578", "MozillaUpdateLock-7A4D7A8EFFB43502", "imurmurhash.min.js", ".X1025-lock", "murmur2", "b529967783", "empty.lock~", "ab.1", "https://hybrid-analysis.com/sample/babc94597eadb83b520d6a46a57ef2ad963683aef1ff2fc6fa9ba5e98e78e008/65fcd2b1519a5f86d60eed63", "https://hybrid-analysis.com/file-collection/6604df33503d4a306e01c776", "https://hybrid-analysis.com/sample/babc94597eadb83b520d6a46a57ef2ad963683aef1ff2fc6fa9ba5e98e78e008/6604e16b6b94878cbb062194", "https://hybrid-analysis.com/file-collection/6604df4bb797f028b4065601", "https://hybrid-analysis.com/sample/2eaba531c48445e241c116f61653649e403d4b1ef07bfc96390e986e1eeb5b83/6604e230edf88ab15b0d83fc", "https://hybrid-analysis.com/file-collection/66057525d9b81759df06c4b5", "https://hybrid-analysis.com/sample/d714e2a850645f9a0f8f3785dd0eedd47a417417bed470b968e0f6a1a2e746e6/652cf1f4243d9d03b90f74a1", "https://www.virustotal.com/gui/file/ea8490563a229b89f2b779217938f9eb2bcf93dd89de9f7fc5c035632f0934b5/relations" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1012", "name": "Query Registry", "display_name": "T1012 - Query Registry" }, { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" }, { "id": "T1057", "name": "Process Discovery", "display_name": "T1057 - Process Discovery" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1083", "name": "File and Directory Discovery", "display_name": "T1083 - File and Directory Discovery" }, { "id": "T1106", "name": "Native API", "display_name": "T1106 - Native API" }, { "id": "T1129", "name": "Shared Modules", "display_name": "T1129 - Shared Modules" }, { "id": "T1489", "name": "Service Stop", "display_name": "T1489 - Service Stop" }, { "id": "T1573", "name": "Encrypted Channel", "display_name": "T1573 - Encrypted Channel" }, { "id": "T1614", "name": "System Location Discovery", "display_name": "T1614 - System Location Discovery" }, { "id": "T1030", "name": "Data Transfer Size Limits", "display_name": "T1030 - Data Transfer Size Limits" }, { "id": "T1003", "name": "OS Credential Dumping", "display_name": "T1003 - OS Credential Dumping" }, { "id": "T1018", "name": "Remote System Discovery", "display_name": "T1018 - Remote System Discovery" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 36, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Merkd1904", "id": "196517", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 297, "email": 8, "hostname": 204, "URL": 382, "FileHash-SHA1": 7, "CVE": 2, "FileHash-MD5": 45, "FileHash-SHA256": 5 }, "indicator_count": 950, "is_author": false, "is_subscribing": null, "subscriber_count": 72, "modified_text": "764 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65708beba2ba8bcfb1d10237", "name": "hostkey - Industroyer&ReduceRight", "description": "", "modified": "2023-12-06T14:57:47.430000", "created": "2023-12-06T14:57:47.430000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 304, "hostname": 563, "domain": 407, "URL": 1776, "FileHash-SHA1": 2 }, "indicator_count": 3052, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "906 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "65708bbc4c8bf557c17688e1", "name": "\u9ad8\u5c71tv,\u9ad8\u5c71tv,\u9ad8\u5c71tv\u5f71\u9662,\u9ad8\u5c71tv\u770b\u7247\u7f51", "description": "", "modified": "2023-12-06T14:57:00.280000", "created": "2023-12-06T14:57:00.280000", "tags": [], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "StreamMiningEx", "id": "262917", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "CVE": 1, "FileHash-SHA256": 233, "domain": 361, "hostname": 563, "URL": 1374, "FileHash-SHA1": 1, "FileHash-MD5": 1 }, "indicator_count": 2534, "is_author": false, "is_subscribing": null, "subscriber_count": 109, "modified_text": "906 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "642eac06b2963a871b0fdd45", "name": "just a bunch of tv's - Oh maybe these tv channels are all neural \ud83e\udd37\u200d\u2640\ufe0f world tv stream infection", "description": "The Falcon Sandbox malware analysis service is available to download, download and use any of the Falcon MalQuery tools or information you may have seen on the website. \u00c2\u00a31.5m", "modified": "2023-05-06T10:00:48.707000", "created": "2023-04-06T11:24:54.313000", "tags": [ "sandbox", "malware", "analysis", "online", "submit", "vxstream", "sample", "download", "trojan", "apt", "ansi", "dropped file", "runtime data", "chromeua", "span", "optout", "pcap processing", "pattern match", "script", "click", "date", "middle", "null", "april", "twitter", "body", "error", "jackson", "desktop", "service", "bill", "heat", "webview", "cruise", "blank", "meta", "night", "false", "contact", "suspicious", "facebook", "close", "cannon", "mayberry", "santana", "comment", "flex", "karma", "nightmare", "find", "spacer", "kitty", "mike", "local", "already", "soldier", "wallpaper", "story", "generic", "tiny", "trident", "android", "hybrid", "general", "hosts", "favorite", "homepage", "music", "code", "push", "strings", "malicious", "qakbot", "25px", "60px", "24px", "100px", "1439px", "segoe ui", "roboto", "path", "chat", "form", "embed", "unknown", "live", "network", "unicode", "feed", "5000", "next", "fullscreen", "iframe", "latv", "latino voices", "localappdata", "latino", "noscript", "pragma", "this", "hybrid analysis", "programfiles", "input", "wilstaging02", "potential ip" ], "references": [ "https://hybrid-analysis.com/sample/843923233cd86185dc3983fbe0fe3be72c6aeef0372db6c076287befc9d3fc5b/642d9d1695c2babbb70478eb", "https://hybrid-analysis.com/sample/52cd1ef12d9ec251dee2996f76150757f7247903d1cf86322569ed90536f59b3/642d9d5f20d5a59b1c0443fd", "https://hybrid-analysis.com/sample/ead272d3ccb36a5a827f80418096bfc30d1251bb739b06ff1711844d99d1b214/642d9de1e48d649afd01ad36", "https://hybrid-analysis.com/sample/3243e4a1f5a075f4d57121d5738d321dcd7e4c79bd96828442e351f660b60dc3/642d9d9c7cb35d938c068be9", "https://hybrid-analysis.com/sample/ea23092a5495e8990d050e61214866717374d79a9403232e37e271e327fe3a58/642db9b4ddc1df124a09bec0" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1105", "name": "Ingress Tool Transfer", "display_name": "T1105 - Ingress Tool Transfer" }, { "id": "T1114", "name": "Email Collection", "display_name": "T1114 - Email Collection" }, { "id": "T1571", "name": "Non-Standard Port", "display_name": "T1571 - Non-Standard Port" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 9, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "callmeDoris", "id": "205385", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 1291, "email": 13, "domain": 591, "URL": 3931, "FileHash-SHA256": 431, "FileHash-MD5": 92, "FileHash-SHA1": 89 }, "indicator_count": 6438, "is_author": false, "is_subscribing": null, "subscriber_count": 93, "modified_text": "1121 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63f38f4fec4dfbc279a059d3", "name": "GootKit emerging threat activity", "description": ".zip downloaded from a compromised WordPress site that contained a .js file.\n\nDetected by end point protection", "modified": "2023-03-22T00:05:18.598000", "created": "2023-02-20T15:18:39.789000", "tags": [ "param", "array", "function", "returns", "example", "object", "index", "null", "length", "checks", "guard", "infinity", "stack", "false", "error", "date", "click", "hello", "pass", "bind", "fusion", "david", "later", "body", "target", "radix", "drop", "flip", "legacy", "lazy", "ruby", "restrict", "leverage", "mimic", "abcd", "stream", "restart", "scroll", "april", "prop", "find", "contact", "slice", "union", "trim", "push" ], "references": [ "service level agreement for insurance company 31941.js" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "GootKit", "display_name": "GootKit", "target": null } ], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "nuckles", "id": "14505", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_14505/resized/80/avatar_7fdc1a630c.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA1": 1, "URL": 23, "domain": 37, "hostname": 5 }, "indicator_count": 66, "is_author": false, "is_subscribing": null, "subscriber_count": 98, "modified_text": "1166 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "630aa58da975d104891c6565", "name": "Live Sexcams: XXX Adult Shows - Free Porn Chat - BongaCams", "description": "", "modified": "2022-08-27T23:15:25.718000", "created": "2022-08-27T23:15:25.718000", "tags": [ "hammer", "gc", "vob", "tvb", "service", "date", "check favorite", "dare", "continuecta", "vote", "goprivate", "buycredits", "ff8d00", "favorite", "error", "null", "nonce", "enterprise", "script", "please do", "not copy", "and paste", "this code", "cgrecaptchacfg", "ngrecaptcha", "eenterprise", "object", "customevent", "ethis", "layouttest", "faceliftlayout", "stubbutton", "similarmodels", "purchasepagev3", "langtag", "newbannerchat", "image", "typeof atrkopts", "dailagill", "strong", "streams", "your", "source of", "pleasure", "live sex", "normal", "cosplay", "fingering", "chat", "deepthroat", "close", "live", "free cams", "sex chat", "live porn", "sex cam", "livesex", "webcamsex", "adult cams", "free live sex chat", "webcam sex", "chat online", "free adults hd", "mins", "xxx cams", "xxx porn", "free live cam", "adult sex", "material", "majority", "here looking", "for child", "pornography", "move on", "on this", "website", "we will", "turn over", "free porn webcams", "live webcam", "online sex cam", "xxx girls", "live sex chat", "teen sexchat", "amateur video", "web cam", "sexcams", "shows", "porn chat", "bongacams", "function", "i2c1", "xeir", "cef4", "m4sr", "e4c4", "math", "ttmt", "y4giwe", "h5gg", "window", "css1062", "segoe ui", "emoji", "href", "roboto", "helvetica neue", "arial", "apple color", "symbol", "typecheckbox", "twitter", "web design", "iran", "author url", "github", "regexp", "pseudo", "child", "typeof n", "typeof t", "class", "attr", "typeof module", "this" ], "references": [ "xfe-URL-payvtylhwjxnr.xyz-stix2-2.1-export.json", "https://payvtylhwjxnr.xyz/Content/script?v=2", "https://payvtylhwjxnr.xyz/Content/css/banks.css", "https://payvtylhwjxnr.xyz/Content/style?v=1", "xfe-IP-104.21.72.150-stix2-2.1-export.json", "xfe-IP-172.67.151.101-stix2-2.1-export.json", "https://static.selfpuc.com/mnpw3.js", "https://bcprm.com/promo.php?c=716918&type=embed_chat&page=popular_chat&top_model=1&stream_only_size=full", "https://en.bongacams.com/popular-chat-popup?livetab=female&top_model=1&c=716918&hit_url=https%3A%2F%2Fbongacams.com%2Ftrack%3Fc%3D716918%26ps%3Dembed_chat&stream_only=1&amute=1&classic=on", "https://bongacams.com/GianaWatson", "https://m.bimbim.com/en/DailaGill?psid=crakmedia2&psprogram=revs&pstool=450_1&utm_campaign=main&utm_content=redirect&utm_medium=webmaster&utm_source=promotools", "https://d31qbv1cthcecs.cloudfront.net/atrk.js", "https://i.bcicdn.com/js-min/1NCJjq/27984029c73362dbf9ec0727.js", "https://www.google.com/recaptcha/enterprise.js?&render=6LeY5wkeAAAAAHNlJZXiHgJrpCTsD-Qu0O2GlYgB", "https://staticx1.dditscdn.com/mbl/frontend_backbone/static/_common/modular-member-client/script/maincontext_9af26.min.js" ], "public": 1, "adversary": "", "targeted_countries": [ "New Caledonia", "New Zealand" ], "malware_families": [ { "id": "Hammer", "display_name": "Hammer", "target": null }, { "id": "Tvb", "display_name": "Tvb", "target": null }, { "id": "Vob", "display_name": "Vob", "target": null }, { "id": "Gc", "display_name": "Gc", "target": null } ], "attack_ids": [ { "id": "T1140", "name": "Deobfuscate/Decode Files or Information", "display_name": "T1140 - Deobfuscate/Decode Files or Information" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" } ], "industries": [], "TLP": "white", "cloned_from": "62509a05316b00bcca30c693", "export_count": 7, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Hardtogiveafuck", "id": "205637", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 425, "domain": 459, "URL": 1412, "FileHash-SHA256": 125 }, "indicator_count": 2421, "is_author": false, "is_subscribing": null, "subscriber_count": 7, "modified_text": "1372 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6261f2763fabd1214a79f0e5", "name": "Masterhost.ru - malware hosting", "description": "Here is the code-decode for the punycode-overflow test, which is based on the results of the following test-run by the UK's Office of National Statistics (ONS).", "modified": "2022-05-21T00:03:44.725000", "created": "2022-04-22T00:10:30.250000", "tags": [ "fffe37", "b76810", "helvetica", "arial", "pf din", "text comp", "circe", "span", "button", "90deg", "object", "typeof t", "date", "promise", "function", "array", "regexp", "error", "typeof symbol", "typeof n", "null", "backspace", "void", "window", "vd", "gc", "typeof e", "sufeffxa0", "class", "attr", "pseudo", "child", "typeof module", "string", "weakmap", "proxy", "number", "boolean", "trnf", "keepalive", "transitiongroup", "hello", "comment", "infinity", "this", "copyright", "closure library", "xdfunction", "cdfunction", "ddfunction", "bded", "kefunction", "65535", "counter", "typeof c", "segoe ui", "typeerror", "lucida", "vwtabguid", "form", "impact", "light", "cureit", "bu durumda", "ip address", "devam", "yandex", "help section", "captcha code", "support service", "search", "edge", "swhealthlog", "logsdatabasev2", "trident", "android", "rangeerror", "webpackexports", "illegal input", "webpackrequire" ], "references": [ "https://admin.verbox.ru/support/support.js?h=afe80d31a1cabd6ae5c00580688f27d2", "https://www.youtube.com/s/player/534c466c/www-widgetapi.vflset/www-widgetapi.js", "https://site.yandex.net/v2.0/js/all.js", "https://mc.yandex.ru/metrika/tag.js", "https://www.googletagmanager.com/gtag/js?id=UA-36935570-1", "https://masterhost.ru/s/masterhost_v2/build/js/app.js?v=WivgGVzt/Ynv", "https://masterhost.ru/s/masterhost_v2/build/js/compiled.min.js?v=Q/hhNATxy3sx", "https://static.me-talk.ru/cabinet/build/chat/modern.support.js", "https://masterhost.ru/s/masterhost_v2/build/css/global.css?v=MUmvaY06hvKf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Gc", "display_name": "Gc", "target": null }, { "id": "Vd", "display_name": "Vd", "target": null } ], "attack_ids": [ { "id": "T1027", "name": "Obfuscated Files or Information", "display_name": "T1027 - Obfuscated Files or Information" }, { "id": "T1140", "name": "Deobfuscate/Decode Files or Information", "display_name": "T1140 - Deobfuscate/Decode Files or Information" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 1991, "hostname": 678, "FileHash-SHA256": 247, "domain": 404, "email": 1, "FileHash-MD5": 51 }, "indicator_count": 3372, "is_author": false, "is_subscribing": null, "subscriber_count": 70, "modified_text": "1471 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6256f92778c2f2177bdd4de9", "name": "\u9ad8\u5c71tv,\u9ad8\u5c71tv,\u9ad8\u5c71tv\u5f71\u9662,\u9ad8\u5c71tv\u770b\u7247\u7f51", "description": "Here is a full list of highlights from the Chinese TV series, which began in 2011 and has now been broadcast on Chinese television, online and mobile devices, and is now available to watch online.", "modified": "2022-05-13T00:03:35.765000", "created": "2022-04-13T16:24:07.391000", "tags": [ "date", "cnzzdata", "czuuid", "umdistinctid", "typeof symbol", "https", "zeno rocha", "typeof", "typeof define", "error", "array", "12863", "qrcode", "2g2g2h2h0g", "dhdh", "exptable", "logtable", "string", "typeof j", "regexp", "typeof e", "typeof t", "class", "attr", "pseudo", "child", "function", "typeof module", "ahgr", "0x40", "h0x1", "mm32", "indexof", "length", "h0x0", "0x248", "h0x2", "0x17b", "webpackrequire", "webpackexports", "object", "default", "hn return", "importsnvar", "truennnn", "iostf", "android", "nvar", "clickdownload", "this", "path", "service", "roboto", "boolean", "number", "createnamespace", "n default", "nn return", "null", "click", "void", "istanbul", "false", "close", "window", "info", "target", "find", "footer", "delta", "generator", "cascade", "code", "trigger", "next", "arrow", "slice", "checkbox", "body", "green", "phase", "copy", "infinity", "middle", "open", "calendar", "flex", "fail", "shift", "super", "internal", "form", "locale", "spinner", "spin", "multi", "mask", "write", "flip", "logic", "patch", "abcd", "skew", "main", "rest", "trim", "dark", "canvas", "facebook", "executor", "span", "tips", "sticky", "uploader", "bind", "config", "startpage", "speed", "toolbar", "refresh", "done", "format", "cardinal", "outside", "install", "public", "github", "vuejs", "jump", "browser", "sign", "view", "sponsor", "github sponsors", "mit license", "contact", "star", "stars", "javascript", "please", "strong", "\u9ad8\u5c71tv", "\u9ad8\u5c71tv\u5f71\u9662", "\u9ad8\u5c71tv\u770b\u7247\u7f51", "hd 20210830", "hd mu", "hd heydouga", "poro", "tv tv", "hd ok", "hd fol", "hd nanami2", "hd \uff13", "hd 20210927" ], "references": [ "http://www.bbbbop13.com:1313/", "xfe-URL-hyqxsnjj.com-stix2-2.1-export.json", "https://web.op39v.xyz/?channelCode=pingguo", "https://github.com/vuejs/vue-devtools", "https://web.op39v.xyz/js/chunk-vendors.js", "https://web.op39v.xyz/js/chunk-common.js", "https://res-1257422681.file.myqcloud.com/assets/yeyue/boinstall.js", "https://cdn.staticfile.org/jquery/3.6.0/jquery.min.js", "https://cdn.staticfile.org/qrcodejs/1.0.0/qrcode.min.js", "https://cdn.staticfile.org/clipboard.js/2.0.8/clipboard.min.js", "https://s9.cnzz.com/z_stat.php?id=1280740152&web_id=1280740152", "https://c.cnzz.com/core.php?web_id=1280740152&t=z" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 1374, "hostname": 563, "CVE": 1, "domain": 361, "FileHash-SHA256": 233, "FileHash-SHA1": 1, "FileHash-MD5": 1 }, "indicator_count": 2534, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "1479 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "62509a05316b00bcca30c693", "name": "Live Sexcams: XXX Adult Shows - Free Porn Chat - BongaCams", "description": "Here is the full text of the code for the new animation, which will take place at 20:00 GMT on Friday, 1:30 BST.. (19:45 GMT)..", "modified": "2022-05-08T00:03:14.586000", "created": "2022-04-08T20:24:37.141000", "tags": [ "hammer", "gc", "vob", "tvb", "service", "date", "check favorite", "dare", "continuecta", "vote", "goprivate", "buycredits", "ff8d00", "favorite", "error", "null", "nonce", "enterprise", "script", "please do", "not copy", "and paste", "this code", "cgrecaptchacfg", "ngrecaptcha", "eenterprise", "object", "customevent", "ethis", "layouttest", "faceliftlayout", "stubbutton", "similarmodels", "purchasepagev3", "langtag", "newbannerchat", "image", "typeof atrkopts", "dailagill", "strong", "streams", "your", "source of", "pleasure", "live sex", "normal", "cosplay", "fingering", "chat", "deepthroat", "close", "live", "free cams", "sex chat", "live porn", "sex cam", "livesex", "webcamsex", "adult cams", "free live sex chat", "webcam sex", "chat online", "free adults hd", "mins", "xxx cams", "xxx porn", "free live cam", "adult sex", "material", "majority", "here looking", "for child", "pornography", "move on", "on this", "website", "we will", "turn over", "free porn webcams", "live webcam", "online sex cam", "xxx girls", "live sex chat", "teen sexchat", "amateur video", "web cam", "sexcams", "shows", "porn chat", "bongacams", "function", "i2c1", "xeir", "cef4", "m4sr", "e4c4", "math", "ttmt", "y4giwe", "h5gg", "window", "css1062", "segoe ui", "emoji", "href", "roboto", "helvetica neue", "arial", "apple color", "symbol", "typecheckbox", "twitter", "web design", "iran", "author url", "github", "regexp", "pseudo", "child", "typeof n", "typeof t", "class", "attr", "typeof module", "this" ], "references": [ "xfe-URL-payvtylhwjxnr.xyz-stix2-2.1-export.json", "https://payvtylhwjxnr.xyz/Content/script?v=2", "https://payvtylhwjxnr.xyz/Content/css/banks.css", "https://payvtylhwjxnr.xyz/Content/style?v=1", "xfe-IP-104.21.72.150-stix2-2.1-export.json", "xfe-IP-172.67.151.101-stix2-2.1-export.json", "https://static.selfpuc.com/mnpw3.js", "https://bcprm.com/promo.php?c=716918&type=embed_chat&page=popular_chat&top_model=1&stream_only_size=full", "https://en.bongacams.com/popular-chat-popup?livetab=female&top_model=1&c=716918&hit_url=https%3A%2F%2Fbongacams.com%2Ftrack%3Fc%3D716918%26ps%3Dembed_chat&stream_only=1&amute=1&classic=on", "https://bongacams.com/GianaWatson", "https://m.bimbim.com/en/DailaGill?psid=crakmedia2&psprogram=revs&pstool=450_1&utm_campaign=main&utm_content=redirect&utm_medium=webmaster&utm_source=promotools", "https://d31qbv1cthcecs.cloudfront.net/atrk.js", "https://i.bcicdn.com/js-min/1NCJjq/27984029c73362dbf9ec0727.js", "https://www.google.com/recaptcha/enterprise.js?&render=6LeY5wkeAAAAAHNlJZXiHgJrpCTsD-Qu0O2GlYgB", "https://staticx1.dditscdn.com/mbl/frontend_backbone/static/_common/modular-member-client/script/maincontext_9af26.min.js" ], "public": 1, "adversary": "", "targeted_countries": [ "New Caledonia", "New Zealand" ], "malware_families": [ { "id": "Hammer", "display_name": "Hammer", "target": null }, { "id": "Tvb", "display_name": "Tvb", "target": null }, { "id": "Vob", "display_name": "Vob", "target": null }, { "id": "Gc", "display_name": "Gc", "target": null } ], "attack_ids": [ { "id": "T1140", "name": "Deobfuscate/Decode Files or Information", "display_name": "T1140 - Deobfuscate/Decode Files or Information" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 425, "domain": 459, "URL": 1412, "FileHash-SHA256": 125 }, "indicator_count": 2421, "is_author": false, "is_subscribing": null, "subscriber_count": 71, "modified_text": "1484 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "625eecb6fbc4353a109fe71c", "name": "hostkey - Industroyer&ReduceRight", "description": "Fbevents-PostalCodeType:f.exports, f.1, is a new addition to the list of \"signals\" that can be added to phone numbers.", "modified": "2022-04-19T17:09:10.196000", "created": "2022-04-19T17:09:10.196000", "tags": [ "livechat", "sign up", "free", "grow", "policy", "sign", "strong", "sorry", "identify", "increase", "lzutf8", "typeerror", "uint8array", "array", "error", "typeof r", "class", "invalid", "post", "uint32array", "date", "null", "papvisitorid", "string", "regexp", "value", "property", "valuenumber", "activexobject", "postaffparams", "object", "number", "boolean", "typeof e", "math", "first", "raid", "window", "service", "ukraine", "epsilon", "arrow", "target", "keepalive", "void", "shell", "econnaborted", "hkwfunction", "typeof symbol", "function", "promise", "request", "network error", "livechatwidget", "ticket form", "prechat survey", "postchat survey", "typeof n", "chat", "blank", "win32", "iframe", "reduceright", "copyright", "closure library", "xdfunction", "adfunction", "cdfunction", "ddfunction", "bded", "x3e div", "trackevent", "landingpagegpu", "x3e table", "gpudraw", "path", "code", "functional", "member", "hnew regexp", "qfunction", "adview", "addbillinginfo", "addtocart", "addtolist", "contact", "download", "install", "symbol", "iterator", "extractor", "pixel", "facebook", "meta", "65535", "counter", "segoe ui", "lucida", "ecommerce", "ext link", "comic", "form", "impact", "light" ], "references": [ "https://mc.yandex.ru/metrika/watch.js", "https://connect.facebook.net/signals/config/785878845108827", "https://snap.licdn.com/li.lms-analytics/insight.min.js", "https://www.googletagmanager.com/gtm.js?id=GTM-M9D76H", "https://www.googletagmanager.com/gtag/js?id=UA-73589630-1", "https://cdn.livechatinc.com/tracking.js", "https://rec.smartlook.com/main-20220331074633.js", "https://hostkey.com/hk/widgets/ext/build/stock.bundle.js", "https://hostkey.com/hk/widgets/ext/src/hostkey.js", "https://hostkey.postaffiliatepro.com/scripts/Oy173jux8", "https://hostkey.postaffiliatepro.com/scripts/Oy173rux8?accountld=default1&url=S_hostkey.com%2F&referrer=&isInlframe=false&getParams=&anchor=", "https://widget.trustpilot.com/trustboxes/5613c9cde69ddc09340c6beb/index.html?templateld=5613c9cde69ddc09340c6beb&businessunitld=55e46b640000ff000582c91e#locale=en-GB&styleHeight=100%25&styleWidth=100%25&theme=light", "https://secure.livechatinc.com/" ], "public": 1, "adversary": "", "targeted_countries": [ "Tunisia" ], "malware_families": [ { "id": "ReduceRight", "display_name": "ReduceRight", "target": null }, { "id": "Industroyer - S0604", "display_name": "Industroyer - S0604", "target": null } ], "attack_ids": [ { "id": "T1553", "name": "Subvert Trust Controls", "display_name": "T1553 - Subvert Trust Controls" }, { "id": "T1125", "name": "Video Capture", "display_name": "T1125 - Video Capture" }, { "id": "T1059", "name": "Command and Scripting Interpreter", "display_name": "T1059 - Command and Scripting Interpreter" }, { "id": "T1547", "name": "Boot or Logon Autostart Execution", "display_name": "T1547 - Boot or Logon Autostart Execution" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 8, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "adjadex1@gmail.com", "id": "187163", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 1778, "hostname": 563, "FileHash-SHA256": 304, "domain": 407, "FileHash-SHA1": 2 }, "indicator_count": 3054, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "1502 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "mtab", "add-service.sh", "http-malware-host.nse", "http-majordomo2-dir-traversal.nse", "T-TeleSec_GlobalRoot_Class_2.crt", "Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt", "cn9130_register", "http-tplink-dir-traversal.nse", "tick.py", "bootcount", "charon.conf", "get-identity.js", "websec_timeobj.lua", "smb-double-pulsar-backdoor.nse", "web_security", "iterator.js", "npm-shrinkwrap.md", "b433981b.0", "libc6-i386_2.27-3ubuntu1_amd64.symbols", "nsection.htm", "hmac.conf", "netbus-auth-bypass.nse", "smb-enum-shares.nse", "removepkg (2)", "api.sh", "libc6-i386_2.9-4ubuntu6.3_amd64.info", "libc6-i386_2.5-0ubuntu14_amd64.symbols", "https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737365&Signature=S%2B7RcHYjab1hbKlKwFfvUbDirFPJS1A2TJQ3bVIObMcON4PD9pRDvhMtYMCnEBrYsICi0UJCFW5eUDolL5Jlbngsc587kF36vvuhlkPprbkSOY1jOyDTpe3Qsb6jRFz3xwOfZc9S5QervoLnRKb%2FyGSyZE6ZK6TxzBrOPczPtZ7sLf9NfD6E%2B2gMRXaRjEqVwVITLG7YqCiiNuohFOuNlK3uNHFpIk53viKvBSAIqLtSklH9bHW4q1DX", "https://en.bongacams.com/popular-chat-popup?livetab=female&top_model=1&c=716918&hit_url=https%3A%2F%2Fbongacams.com%2Ftrack%3Fc%3D716918%26ps%3Dembed_chat&stream_only=1&amute=1&classic=on", "SeTmedia (2)", "zone_api.sh", "12d1:1c24", "12d1:14ad", "CFCA_EV_ROOT.crt", "19d2:0003", "http-config-backup.nse", "xl2tpd.conf", "test.js", "libc6-i386_2.26-0ubuntu2_amd64.symbols", "ip-geolocation-map-kml.nse", "30-3g", "05c7:1000", "2077:f000", "07d1:a800", "sys_status.html", "http-vmware-path-vuln.nse", "vnet_core.sh", "smb-vuln-cve-2017-7494.nse", "token.js", "ipt-nathelper-extra", "smb-flood.nse", "2001:98ff", "S42macgroup", "0b3c:c700", "modem-configure.gcom", "ipt-core", "dynamic_dns_dyndns.sh", "libc6-i386_2.8~20080505-0ubuntu9_amd64.url", "Security_Communication_RootCA2.crt", "jquery.scrollTo.min.js", "ipgroup", "npm-sbom.md", "slackinstall", "SeTkeymap", "smtp-enum-users.nse", "libc6-i386_2.19-10ubuntu2_amd64.info", "INSCD (2)", "v6plus.sh", "route_api.sh", "xfe-URL-payvtylhwjxnr.xyz-stix2-2.1-export.json", "drop_caches", "account_config.html", "https://www.filescan.io/uploads/664ba368d5c40bffee63b1ee/reports/31817751-6b5d-45df-8813-472aa6c756a3/overview", "70-pptp-ifdown.sh", "0af0:d031", "ipt-compat-xtables", "creds-summary.nse", "chat-get-anydata_1", "https://bongacams.com/GianaWatson", "kernel-netlink.conf", "libc6-i386_2.6.1-1ubuntu10_amd64.info", "whois-ip.nse", "https://us-test-sandbox.recordedfuture.com/240617-h73bbszepa", "usb-serial-option", "1c9e:98ff", "SeTpasswd (2)", "wdb-version.nse", "directip-stop.gcom", "hosts", "protocols", "usermngr_backup.html", "f3377b1b.0", "dns-cache-snoop.nse", "0ace:2011", "http-phpmyadmin-dir-traversal.nse", "ar8327_switch_led", "libc6-i386_2.24-3ubuntu2.2_amd64.info", "filter", "iptables.debug", "ldap_check_result.sh", "url_escape.sed", "ipsec_tunnel.html", "1-vnet_lanv6hook.sh", "rsync-list-modules.nse", "cs_dis.html", "ms-sql-xp-cmdshell.nse", "smb2-time.nse", "zombie_monitor", "pgp.conf", "dhcp6c.script", "libc6-i386_2.17-93ubuntu4_amd64.symbols", "xmpp-brute.nse", "l2tp_server.html", "targets-ipv6-map4to6.nse", "switch", "0421:0622", "0471:1210:uMa=Philips", "cbi.js", "tn3270-screen.nse", "supermicro-ipmi-conf.nse", "S47mac_filter", "f51bb24c.0", "zone_api_all.sh", "ifstatus", "K10improxy", "ipidseq.nse", "attach_timeobj.lua", "compare.js", "runcommand.gcom", "1ee8:0040", "1726:f00e", "options.l2tp", "0471:1237", "https://masterhost.ru/s/masterhost_v2/build/css/global.css?v=MUmvaY06hvKf", "mrinfo.nse", "broadcast-pc-anywhere.nse", "46-nat.sh", "wifidog", "lanv6_server.sh", "qos", "koi-win", "targets-xml.nse", "broadcast-networker-discover.nse", "https://secure.livechatinc.com/", "0af0:6711", "qos_public.sh", "ssl_vpn_quicksetup.html", "lifecycle-cmd.js", "19d2_0002", "libc6-i386_2.8~20080505-0ubuntu7_amd64.symbols", "npm-doctor.md", "https://www.virustotal.com/gui/collection/33a61b144ffdece76551464e76866ab59346f0fa3f1f97380b401c1ac3f0d305/summary", "Buypass_Class_3_Root_CA.crt", "Above Malcore Strings: All - EnterpriseAppsList, AppRegistration, EnterpriseAppslist, exportGroup, exportUsers, HiddenApps - EnterpriseAppsList****", "0af0:7111", "mppe", "SeTkernel", "install.js", "nping-brute.nse", "ramips.sh", "xfe-IP-104.21.72.150-stix2-2.1-export.json", "19d2:2000", "dhcp_static.html", "fc5a8f99.0", "logrotate.conf", "sfe", "0af0:8800", "S99lldpd", "201e:1023", "firmware_reboot.html", "libc6-i386_2.26-0ubuntu2.1_amd64.url", "membase-brute.nse", "filesystems", "S96policy_route", "mime.types", "4f316efb.0", "informix-tables.nse", "98-ipt_web_dns_match", "https://www.googletagmanager.com/gtag/js?id=UA-73589630-1", "filter_global", "ee64a828.0", "libc6-i386_2.21-0ubuntu4_amd64.url", "cli_nat_cmd.tree", "libc6-i386_2.30-0ubuntu2_amd64.url", "19d2:1238", "32-l2tp", "kill-pptpd-xl2tpd.sh", "npm-access.md", "http-hp-ilo-info.nse", "12d1:380b", "firewall.user", "S50snmpd", "dhcp_lan_settings.html", "fsck (2).ext3", "patch.js", "network", "puppet-naivesigning.nse", "vlan.lua", "knx-gateway-info.nse", "SeTmaketag", "dictionary.microsoft", "libnm-wwan.la", "cics-user-enum.nse", "1004:61aa", "usb-storage", "open-url-prompt.js", "whoami.js", "npm-prefix.md", "607986c7.0", "bittorrent-discovery.nse", "0421:0632", "dhcp_client.html", "vpn_wireguard.html", "widget.js", "makedevs.sh", "S60url_filter", "0df7:0800", "mt7628_switch_portStatistic", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667cff1a5ea31558d54fcbf6", "team.js", "SeTPKG (2)", "footer.htm", "FDhelp", "notes.txt:ads", "773e07ad.0", "libc6-i386_2.12.1-0ubuntu10.4_amd64.url", "ftp-vuln-cve2010-4221.nse", "basic.html", "gre_overipsec.html", "http-litespeed-sourcecode-download.nse", "lt.js", "D-TRUST_Root_Class_3_CA_2_EV_2009.crt", "19d2:1210", "ipt-ipsec", "https://www.wordfence.com/blog/2022/10/threat-advisory-monitoring-cve-2022-42889-text4shell-exploit-attempts/", "chat-modem-test", "npm-link.md", "portal_mgmt", "1ee8:0045", "dhcp.script", "npm-help-search.md", "libc6-i386_2.23-0ubuntu11_amd64.url", "drda-brute.nse", "openlookup-info.nse", "web_filter.html", "https://static.me-talk.ru/cabinet/build/chat/modern.support.js", "smb-enum-users.nse", "ipv6-node-info.nse", "getcnum.gcom", "0421:060c", "cccam-version.nse", "clock.lua", "12d1:1521", "S95ifstat-mini", "lorem.txt", "1199:0fff", "npm-cache.md", "2ae6433e.0", "sysauth.htm", "18-dnsproxyvnet.sh", "core_log.sh", "http-robtex-shared-ns.nse", "smb-enum-services.nse", "0af0:d157", "syslinux.cfg", "session_limits.sh", "10-sysctl", "mt7628_switch_portVlan", "https://www.youtube.com/s/player/534c466c/www-widgetapi.vflset/www-widgetapi.js", "star.js", "Go_Daddy_Class_2_CA.crt", "OpenSSLConfig.cmake", "dicom-ping.nse", "error404.htm", "installed-package-contents", "usb-mode.json", "advanced.html", "smtp-vuln-cve2010-4344.nse", "diagnostic.html", "options.pptpd", "ll.js", "OpenSSLConfigVersion.cmake", "1410:5041", "boot_done", "19d2:0325", "ipxr", "smb-vuln-ms17-010.nse", "rtl8367s_register", "fsck (2).ext2", "libc6-i386_2.15-0ubuntu20.2_amd64.symbols", "country_group.html", "reset", "index.py", "support_bundle_commands.conf", "cssesc", "85-ntp", "00_start_sync.sh", "account.html", "validate-engines.js", "firewall", "06dc52d5.0", "switch_port.sh", "modules.usbmap", "usbmuxd", "get.py", "web_func.sh", "npm-query.md", "libc6-i386_2.11.1-0ubuntu7.12_amd64.symbols", "19d2:1017", "libc6-i386_2.30-0ubuntu2.1_amd64.url", "0af0:d033", "get_rps.sh", "19d2:1227", "replace-info.js", "cli_http_cmd.tree", "upnp.html", "05-vnet-lanv6", "revocation.conf", "npm-prune.md", "10a9:6080", "state_gen.lua", "mysql-info.nse", "INSNFS (2)", "minor.js", "detach_timeobj.lua", "lock-prov.gcom", "libc6-i386_2.17-93ubuntu4_amd64.info", "Cybertrust_Global_Root.crt", "9d04f354.0", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/65d8c22c9a6367d4742ddd59", "https://viz.greynoise.io/analysis/33e9b33b-b932-4c43-9be1-3e2d6f9cb4b3", "b66938e9.0", "shells", "ipsec_check_domain.sh", "npm-whoami.md", "https://site.yandex.net/v2.0/js/all.js", "https://www.verizon.com/business/", "preview_mobile_wifi.html", "usermngr_user.html", "pptp-client-delete.sh", "qrcode-terminal", "30-atm", "core_redirect.sh", "cics-info.nse", "authlistCheck.lua", "https://hostkey.com/hk/widgets/ext/src/hostkey.js", "10-pppox-if-up-down.sh", "wireguard-up.sh", "30-fs-jfs", "empty.exe", "https://socket.dev/blog/checkmarx-supply-chain-compromise", "0b1b94ef.0", "0930:0d46", "ppp-up", "nat", "ssl_vpn_user.html", "restore.py", "16d8:6803", "network_arch.sh", "lu-enum.nse", "dicom-brute.nse", "ssl-cert-intaddr.nse", "1e09d511.0", "getstrength.gcom", "murmur-version.nse", "Comodo_AAA_Services_root.crt", "http-slowloris.nse", "dynamic_route", "9b5697b0.0", "8160b96c.0", "exit-handler.js", "Trustwave_Global_ECC_P384_Certification_Authority.crt", "ms-sql-tables.nse", "0af0:7401", "dhcp6s", "2001:00a6", "05c6:1000:uMa=StrongRising", ".:ads.txt", "modules.generic_string", "f081611a.0", "K10portal_mgmt", "S71hwnat", "QuoVadis_Root_CA_3.crt", "29-fs-fscache", "qos_tc.sh", "ippool.html", "sdhci-mt7621", "treestore.js", "explain-dep.js", "npm-docs.md", "19d2_0004", "0fd1:1000", "core_ipv6group.sh", "chat-gsm-test", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/664f906322f5af13cdfb50be", "0af0:7071", "mwan3-tplink", "zone_conf.sh", "metasploit-xmlrpc-brute.nse", "led.sh", ".X1024-lock", "AffirmTrust_Premium.crt", "combobox.js", "rules.html", "653b494a.0", "fdisk (2)", "xF43MOjWbQiz+vIQbjaGodBk4PpoECFzUYyznnj8Enc=", "libc6-i386_2.30-0ubuntu2.1_amd64.symbols", "ipv6group", "npm-pkg.md", "mbimfind.lua", "2001:a805", "nexpose-brute.nse", "Entrust_Root_Certification_Authority_-_G4.crt", "22-access_ctl", "1fac:0130", "ffff_0001", "login.js", "openvpn", "interface_mode.html", "sip-call-spoof.nse", "version.py", "QuoVadis_Root_CA_2_G3.crt", "vmware-version.nse", "libc6-i386_2.27-3ubuntu1_amd64.info", "19d2:1171", "password.js", "acl_wanhook.lua", "l2tp-ipsec-delete.lua", "libc6-i386_2.28-0ubuntu1_amd64.info", "voldemort-info.nse", "migrate (2).sh", "https://hybrid-analysis.com/sample/babc94597eadb83b520d6a46a57ef2ad963683aef1ff2fc6fa9ba5e98e78e008/65fcd2b1519a5f86d60eed63", "setmode.gcom", "profile.js", "broadcast-wsdd-discover.nse", "AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.crt", "ftp-vsftpd-backdoor.nse", "setup", "cfdisk", "32-ipsec6", "npm-rebuild.md", "lvalue.htm", "mt7621_switch_led", "31-iptunnel6", "ca-certificates.crt", "cups-queue-info.nse", "ar8327_switch_portVlan", "customddns_set_url.sh", "mt7621_register", "dir:ads.txt", "help-search.js", "12-netbios-passthrough", "nsswitch.conf", "client.py", "4b718d9b.0", "iptv.html", "mikrotik-routeros-brute.nse", "libc6-i386_2.6.1-1ubuntu9_amd64.url", "ips_whitelists.html", "S99improxy", "3g.sh", "pptp-startup.sh", "http-phpself-xss.nse", "vnet", "8888:6500", "SeTDOS (2)", "6d41d539.0", "interface_wan.html", "file.js", "npm-test.md", "https://report.netcraft.com/submission/ATkcJjvq2iKUQhELceQs7q4WVU76Q8QG - Submitted IPv4s to Netcraft 08.29.25", "99_10_run_init", "desktop.ini", "https://tria.ge/240517-vdwb5shc71/behavioral1", "Amazon_Root_CA_2.crt", "http-git.nse", "mysql-brute.nse", "__init__ (2).py", "pop3-ntlm-info.nse", "setup (2)", "progressbar.js", "INSdir (2)", "enablemodem", "19d2:1175", "checkbox.js", "S99bootcount", "shodan-api.nse", "dictionary.ascend", "rtl8367s_switch_portRateControl", "ip-geolocation-ipinfodb.nse", "3fb36b73.0", "domino-enum-users.nse", "mysql-databases.nse", "backorifice-info.nse", "chat-get", "1ee8:0003", "completion.js", "phddns.html", "brc (2)", "libc6-i386_2.15-0ubuntu10.18_amd64.symbols", "min-version.js", "get-vpn-gw.sh", "libc6-i386_2.24-9ubuntu2.2_amd64.info", "l2tp", "18-ipv6group", "S99smp", "proxy.js", "vlan_network", "0af0:8304", "http-form-brute.nse", "fstab (2)", "libc6-i386_2.24-11+deb9u4_amd64.symbols", "service", "header.htm", "weblogic-t3-info.nse", "cli_time_range_cmd.tree", "rc.local", "sbom.js", "npm-dist-tag.md", "https://mc.yandex.ru/metrika/tag.js", "upnp", "106c:3b14", "AppRegistrationList.csv", "Certum_Trusted_Network_CA_2.crt", "0af0:7701", "smp.sh", "setapn.gcom", "qmi.sh", "daemons.conf", "19d2:0103", "mt7621_switch_portState", "msg.js", "50_indicate_regular_preinit", "http-vuln-cve2017-8917.nse", "1b7d:0700", "ips_blacklists.html", "couchdb-stats.nse", "qos_grpmark.sh", "19d2:1030", "l2tp-reload.sh", "libc6-i386_2.31-0ubuntu6_amd64.url", "9482e63a.0", "12d1:155a", "frr.conf", "libc6-i386_2.29-0ubuntu2_amd64.symbols", "pptp-server", "modem", "hotplug-call", "https://m.bimbim.com/en/DailaGill?psid=crakmedia2&psprogram=revs&pstool=450_1&utm_campaign=main&utm_content=redirect&utm_medium=webmaster&utm_source=promotools", "connect-directip.gcom", "libnm-device-plugin-wifi.la", "smb-enum-processes.nse", "0408:ea17", "1410:5030", "help.js", "8d86cdd1.0", "samba-vuln-cve-2012-1182.nse", "servicetags.nse", "gt.js", "stars.js", "19d2:0149", "http-apache-negotiation.nse", "cli_extra_cmd.tree", "imap-capabilities.nse", "usbshare", "find_target.lua", "modules.pcimap", "00-ecsIfChange", "phddns", "eap-info.nse", "daemons", "rmi-vuln-classloader.nse", "5443e9e3.0", "https://www.filescan.io/uploads/664bb40fbc04dffa92240ca2/reports/398074f2-c7b6-40e9-9b5c-4225cc990473/overview", "1ee8:0009", "230d:0007", "cloud_service.cfg", "http-exif-spider.nse", "ppp-mod-radius", "12d1:#linux", "yara.pc", "qconn-exec.nse", "asyncrecv.rc", "https://d31qbv1cthcecs.cloudfront.net/atrk.js", "libc6-i386_2.3.6-0ubuntu20_amd64.info", "orgs.md", "administration", "stage2 (2)", "rip", "firmware_reseting.html", "time_range.lua", "ar8327_switch_portRateControl", "19d2:bccd", "luci", "networks", "validate-lockfile.js", "SeTkeymap (2)", "0af0:7361", "emSign_Root_CA_-_C1.crt", "libnm.pc", "0bf05006.0", "90-xt_vlan", "ipsec_execute_stroke.sh", "706f604c.0", "pkcs7.conf", "SeTswap (2)", "nat-pmp-info.nse", "2001:a80b", "nsswitch (2).conf", "Starfield_Root_Certificate_Authority_-_G2.crt", "dns-fuzz.nse", "xl2tp-secrets", "full_valueheader.htm", "40-scsi-core", "mysql-vuln-cve2012-2122.nse", "dictionary.asnet", "0e8d:0002:uPr=Product", "99-vpn_hook.sh", "config.js", "preinit", "firewalk.nse", "GlobalSign_Root_CA_-_R3.crt", "12d1:14b7", "ecmp.sh", "wportal_free.html", "vnc-title.nse", "mt7621_switch_portPara", "https://static.selfpuc.com/mnpw3.js", "0421:062c", "radio.js", "l2tp-doipsec.sh", "97-line_backup.sh", "b1159c4c.0", "valid.js", "ssh-hostkey.nse", "cell_valuefooter.htm", "stage2 (3)", "pop3-capabilities.nse", "snmp-win32-services.nse", "96-customddns.sh", "directip.sh", "openwrt_version", "npm-star.md", "0408:f000", "http-mcmp.nse", "97-qos.sh", "network_netinfo.htm", "nfs-showmount.nse", "GDCA_TrustAUTH_R5_ROOT.crt", "chunk-vendors.0cdf10f0.js", "button.js", "libc6-i386_2.13-0ubuntu13.2_amd64.symbols", "snmp.html", "dialogrc", "30-fs-cifs", "Added some URLs from FSio Report to URLScan", "snmp-netstat.nse", "error-message.js", "ssl_vpn_user_group.html", "ajp-request.nse", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b - https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b = Hidden Apps - Enterprise Apps List", "0af0:7381", "editor.js", "20a6:f00e", "start.js", "syslog (2).conf", "targets-ipv6-wordlist.nse", "completion.fish", "deprecate.js", "zone_api_core.sh", "05c6:1000:uMa=Vertex", "libc6-i386_2.24-11+deb9u4_amd64.url", "makedevs (2).sh", "2357:f000", "S70usbshare", "pptp-client-global", "http-put.nse", "intersects.js", "cmxddns.html", "Actalis_Authentication_Root_CA.crt", "controller.js", "Buypass_Class_2_Root_CA.crt", "04e8:680c", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/summary", "libc6-i386_2.7-10ubuntu3_amd64.info", "GTS_Root_R3.crt", "tls-alpn.nse", "system_mode.html", "smb-enum-sessions.nse", "ddns", "UCA_Global_G2_Root.crt", "cli_access_cmd.tree", "mwan3", "update-workspaces.js", "add_delete.sh", "serial", "https://staticx1.dditscdn.com/mbl/frontend_backbone/static/_common/modular-member-client/script/maincontext_9af26.min.js", "1636090b.0", "usbmodem", "pkcs1.conf", "removepkg", "snmpd", "12d1:14c1", "Hongkong_Post_Root_CA_3.crt", "libc6-i386_2.9-4ubuntu6.3_amd64.symbols", "S68online", "libc6-i386_2.24-9ubuntu2.2_amd64.symbols", "50-access_ctl.sh", "button.htm", "openmachine.rc", "90-portal_mgmt", "2001:a707", "bitcoin-getaddr.nse", "libc6-i386_2.7-10ubuntu8.3_amd64.symbols", "30_failsafe_wait", "preload.js", "libc6-i386_2.30-0ubuntu2.1_amd64.info", "socks-open-proxy.nse", "S99ipv6", "margin.py", "cli_show_interface_status_cmd.tree", "dpi", "18-dnsproxy.sh", "snmp-interfaces.nse", ".X0-lock", "http-vuln-cve2011-3368.nse", "21-nat.sh", "http-iis-webdav-vuln.nse", "system", "libc6-i386_2.13-20ubuntu5_amd64.info", "05c6:6503", "ike-version.nse", "omada-tool.lock", "excanvas.js", "unittest.nse", "vt100 (3)", "default_balance", "c01eb047.0", "libc6-i386_2.10.1-0ubuntu19_amd64.url", "npm-usage.js", "https://seclists.org/nmap-dev/2011/q4/420", "ospf", "socks-brute.nse", "qos-tplink", "25-pppox.sh", "OISTE_WISeKey_Global_Root_GC_CA.crt", "libnm-device-plugin-wwan.la", "libc6-i386_2.13-20ubuntu5.3_amd64.url", "starter.conf", "broadcast-dns-service-discovery.nse", "mt7628_switch_led", "97-upnp.sh", "rtl8367s_switch_portStatistic", "dhcp_lan_settings_standalone.html", "12d1:1505", "handle_card_process.sh", "hostmap-robtex.nse", "19d2:1237", "0421:0627", "setpin.gcom", "npm-run-script.md", "libc6-i386_2.8~20080505-0ubuntu7_amd64.url", "Entrust_Root_Certification_Authority_-_G2.crt", "libyara.la", "99_end_sync.sh", "NAVER_Global_Root_Certification_Authority.crt", "disconn-script", "broadcast-ataoe-discover.nse", "libc6-i386_2.24-3ubuntu2.2_amd64.url", "range.js", "cron", "05c6:0010", "qos_state.sh", "adduser.js", "omp2-enum-targets.nse", "0af0:7301", "GlobalSign_Root_R46.crt", "vuze-dht-info.nse", "pptp-global-setting.sh", "12d1:1f1d", "stun-info.nse", "lib-crc-ccitt", "Amazon_Root_CA_1.crt", "pd_server.sh", "ipgroup_group.html", "mtools.conf", "p2p-conficker.nse", "wireguard", "snmp-processes.nse", "iscsi-brute.nse", "tls-ticketbleed.nse", "2077:1000", "0922:1003", "dslite-up.sh", "auth_port_modify.sh", "pjl-ready-message.nse", "omron-info.nse", "http-jsonp-detection.nse", "19d2:2004", "upnp_api.sh", "40-imb.sh", "log_oops_recovery.sh", "hbase-master-info.nse", "99-ipt_tpconnlimit", "usb-printer", "GlobalSign_Root_E46.crt", "show_interface.lua", "pppox-pppoetimer.sh", "pptp_tunnel.html", "D-TRUST_Root_Class_3_CA_2_2009.crt", "netifd-wireless.sh", "12d1:1009", "NetworkManager-ovs.conf", "sharecfg", "openvpn-password.lua", "cert.pem", "drda-info.nse", "04fc:2140", "19d2:1179", "luci-add-conffiles.sh", "ipsec_failover", "ipt-nat-extra", "S98led", "1bbb:011f", "portal_mgmt_monitor.lua", "12d1:1d50", "cleanTMP.sh", "S01spi_device_id", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/iocs", "done", "networks (2)", "90-nm-thunderbolt.rules", "compare-loose.js", "vfs.py", "npmrc.md", "30-fs-hfsplus", "0408:1000", "930ac5d2.0", "preview_wportal.html", "shadow (2)", "hlinkdb.py", "index.html", "modules.parportmap", "pcmcia", "npm-find-dupes.md", "uhttpd", "npm-config.md", "read-user-info.js", "ndppd", "01-zone", "passwd (2)", "init.py", "1004:607f", ".zcompdump", "00-vnet_client.sh", "22-imb.sh", "login.html", "npm-search.md", "FDhelp (2)", "QuoVadis_Root_CA_3_G3.crt", "12d1:1f19", "openssl.pc", "broadcast-xdmcp-discover.nse", "qos_dpdk.sh", "slider.js", "uci-defaults.sh", "libc6-i386_2.3.6-0ubuntu20_amd64.url", "online_reload.lua", "openvpn-instance.sh", "03-vlan", "sstp-discover.nse", "core_service.sh", "hook.js", "ubi_make_extra_volume.sh", "broadcast-jenkins-discover.nse", "19d2:1216", "crypto-hw-eip93", "dynamic_dns_log.sh", "http-wordpress-users.nse", "smb2-vuln-uptime.nse", "http-vuln-cve2014-2128.nse", "S65wifidog", "pem.conf", "https://hybrid-analysis.com/file-collection/6604df4bb797f028b4065601", "pptp_client.html", "lib-textsearch", "stroke.conf", "12d1:1c1b", "ssl_vpn_tunnel.html", "itl-logo.txt", "tls-nextprotoneg.nse", "motd (2)", "gopher-ls.nse", "cn9130_switch_portMirror", "cli_snmp_cmd.tree", "line_backup", "libc6-i386_2.15-0ubuntu10_amd64.symbols", "0f5dc4f3.0", "stuxnet-detect.nse", "custom_ddns.html", "S97ipsec", "106c:3b11", "fips-prf.conf", "accountmgnt", "0af0:7311", "INSdir", "search.js", "macgroup", "slackinstall (2)", "1e89:f000", "https://hybrid-analysis.com/sample/52cd1ef12d9ec251dee2996f76150757f7247903d1cf86322569ed90536f59b3/642d9d5f20d5a59b1c0443fd", "https://www.filescan.io/uploads/664bb0cd7c9fb1468fc610c5/reports/00c78e4d-2156-4906-a106-ebf7e2723251/overview", "ff34af3f.0", "3bde41ac.0", "netbus-version.nse", "ipt-tproxy", "19d2:0150", "rm.py", "attr.conf", "libc6-i386_2.23-0ubuntu11_amd64.symbols", "05c6:1000:uMa=AnyDATA", "broadcast-tellstick-discover.nse", "1ee8:004a", "flood_defense", "12d1:1010", "fdisk", "dropbear_rsa_host_key", "empty (2)", "service.sh", "inc.js", "http-auth-finder.nse", "sunjava_map.xml", "ms-sql-config.nse", "https://hostkey.postaffiliatepro.com/scripts/Oy173rux8?accountld=default1&url=S_hostkey.com%2F&referrer=&isInlframe=false&getParams=&anchor=", "libc6-i386_2.13-20ubuntu5.2_amd64.info", "qscan.nse", "406c9bb1.0", "106c:3b06", "libc6-i386_2.8~20080505-0ubuntu9_amd64.symbols", "iec-identify.nse", "one_nat.html", "simplify.js", "S90openvpn", "libc6-i386_2.6.1-1ubuntu9_amd64.symbols", "npm-bugs.md", "ubiquiti-discovery.nse", "dnsproxy", "libc6-i386_2.26-0ubuntu2.1_amd64.info", "mongodb-info.nse", "libc6-i386_2.21-0ubuntu4_amd64.info", "dictionary.merit", "dns-recursion.nse", "12d1:14c3", "libc6-i386_2.23-0ubuntu10_amd64.symbols", "80_mount_root", "switch_portMonitor.html", "libc6-i386_2.12.1-0ubuntu6_amd64.url", "oracle-sid-brute.nse", "chat-modem-configure", "10_migrate-shadow", "1004:6327", "nginx", "98-ipt_websec_match", "AffirmTrust_Networking.crt", "v6plus-dial.sh", "10-metric.sh", "25-nls-cp932", "S90portal_mgmt", "pacote", "http-backup-finder.nse", "nbns-interfaces.nse", "libc6-i386_2.9-4ubuntu6_amd64.info", "uninstall.js", "scripts.md", "snmp-sysdescr.nse", "31-iptunnel", "ngx_init.lua", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d00975ea31558d54fceea", "libc6-i386_2.11.1-0ubuntu7.11_amd64.info", "vtam-enum.nse", "pc_wifi.html", "http-vuln-cve2014-8877.nse", "mcafee-epo-agent.nse", "npm.md", "stdcrt (2)", "ls.js", "update.js", "rip_routing.html", "dhcp6s.conf", "cassandra-brute.nse", "pptpd.conf", "DigiCert_Global_Root_G3.crt", "12d1:1413", "gtr.js", "nje-node-brute.nse", "S46nat", "log-file.js", "http-title.nse", "dpi_log_database.lua", "opkg.conf", "power", "ab.1", "charon-logging.conf", "usb-net-asix", "pppox-default-variables.sh", "a.txt:ads.txt", "http-dombased-xss.nse", "scope.md", "empty (3)", "19d2:1219", "https://snap.licdn.com/li.lms-analytics/insight.min.js", "openvpn-client-up.sh", "2357:0200", "cli_accountmgnt_cmd.tree", "00-configlink.sh", "S99system_params", "nje-pass-brute.nse", "openwebnet-discovery.nse", "npmrc", "libc6-i386_2.24-9ubuntu2_amd64.symbols", "rdp-ntlm-info.nse", "0fca:8020", "mysql-empty-password.nse", "COMODO_ECC_Certification_Authority.crt", "TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.crt", "config.sh", "npm-logout.md", "19d2:1009", "ssl-cert.nse", "command.gcom", "rtl8367s_switch_portVlan", "0af0:7271", "daap-get-library.nse", "9c8dfbd4.0", "COMODO_Certification_Authority.crt", "0af0:d013", "ngx_wdas.lua", "usb-wdm", "26-openvpn.sh", "get_option.lua", "fsck.py", "48bec511.0", "vnet_zone_api.sh", "ipsec_sa.html", "usbModem.html", "delete-service.sh", "dynamic_dns_customddns.sh", "70-backup", "port_trigger.html", "libc6-i386_2.17-93ubuntu4_amd64.url", "0af0:6731", "19d2:1517", "npm-version.md", "libc6-i386_2.3.6-0ubuntu20_amd64.symbols", "index (2).py", "11-led", "irc-sasl-brute.nse", "pcworx-info.nse", "dhcp", "functions.sh", "3e44d2f7.0", "qos_Class_role.html", "fixup-mac-address", "syslog.conf", "http-vuln-cve2009-3960.nse", "form.js", "snmp-ios-config.nse", "iscsi-info.nse", "93bc0acc.0", "mt7621_switch_portRateControl", "ippool", "2020:f00f", "explain.js", "https://sitereport.netcraft.com/?url=http://ualberta.ca", "d6325660.0", "SeTDOS", "http-sitemap-generator.nse", "19d2:0388", "HOSTNAME (2)", "ecs", "http-sql-injection.nse", "ar9533_register", "noipddns.html", "daemon.py", "http-unsafe-output-escaping.nse", "mobile_wifi.html", "19d2:0101", "30-fs-autofs4", "K25zone", "smb-vuln-ms07-029.nse", "hadoop-namenode-info.nse", "19d2:0115", "npm-ping.md", "dhcp_logrotate", "npm-edit.md", "snapshot", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d00356dd8f43b723a915a", "fastcgi_params", "http-frontpage-login.nse", "timers.js", "named.cache", "telnet", "cmd.sh", "repo.py", "S99zbalance_loop_reset", "ssl-poodle.nse", "dns-zone-transfer.nse", "session_limits.html", "qos_ifgroup.sh", "npm-init.md", "server.py", "60-mac_filter.sh", "S99usbmodem", "loggerd", "19d2:1420", "neq.js", "metasploit-info.nse", "1004:613f", "nat_config.sh", "http-wordpress-brute.nse", "compound.htm", "auth.js", "libc6-i386_2.11.1-0ubuntu7.21_amd64.url", "26-freeStrategy", "ndmp-version.nse", "libc6-i386_2.13-20ubuntu5_amd64.url", "2b349938.0", "mysql-users.nse", "QuoVadis_Root_CA_1_G3.crt", "12d1:1526", "http-cookie-flags.nse", "jdwp-exec.nse", "http-svn-enum.nse", "options.xl2tpd", "Certum_Trusted_Root_CA.crt", "S99dynamic_route", "S10boot", "mt7628_switch_portPara", "0af0:4007", "19d2:0318", "net_share.sh", "S50uhttpd", "color-support", "rdp-enum-encryption.nse", "libc6-i386_2.19-0ubuntu6.15_amd64.symbols", "teamspeak2-version.nse", "19d2:0026", "motd", "02_network", "7719f463.0", "INSNFS", "midx (2).py", "banner.nse", "scepclient.conf", "qos_nf.sh", "nm-priv-helper.service", "76faf6c0.0", "0d46:45a1", "broadcast-listener.nse", "mmouse-brute.nse", "ip-geolocation-maxmind.nse", "1bbb:00ca", "jquery.flot.js", "switch.js", "ssl-heartbleed.nse", "port-states.nse", "Staat_der_Nederlanden_EV_Root_CA.crt", "54657681.0", "libc6-i386_2.28-0ubuntu1_amd64.url", "zzddns", "usb-serial", "zone", "updown.conf", "reload_config", "broadcast-pc-duo.nse", "49-ipt-ipset-tplink", "S60xl2tpd", "l2tp-ipsec-setstatus.lua", "get.js", "http://www.bbbbop13.com:1313/", "05c6:1000:uMa=CELOT", "0fce:d0df", "S25sysctl", "d4dae3dd.0", "libc6-i386_2.10.1-0ubuntu15_amd64.symbols", "libc6-i386_2.10.1-0ubuntu19_amd64.symbols", "00-vnet.sh", "map.htm", "ar8327_switch_portState", "hardware.txt", "npm-owner.md", "jdwp-inject.nse", "1ee8:0063", "1dbc:0669", "cd8c0d63.0", "oracle-brute.nse", "19d2_0003", "SSL.com_EV_Root_Certification_Authority_RSA_R2.crt", "ipt-iprange", "12d1:101e", "bitcoin-info.nse", "lltd-discovery.nse", "pki.conf", "npm-restart.md", "disk2 (2)", "http-shellshock.nse", "chat-get-anydata_2", "1ab7:5700", "vnet.sh", "meta.py", "a3418fda.0", "http-webdav-scan.nse", "98-ipt_urlset_match", "paging.js", "zzzzzsys_info", "ftp-libopie.nse", "sdnInfo", "1e0e:f000", "4bfab552.0", "https://hybrid-analysis.com/sample/ea23092a5495e8990d050e61214866717374d79a9403232e37e271e327fe3a58/642db9b4ddc1df124a09bec0", "x11-access.nse", "http-drupal-enum-users.nse", "12d1:151a", "ls.py", "12d1:14d1", "host (2).conf", "pptp-client", "reify-output.js", "12d1:#android", "TWCA_Root_Certification_Authority.crt", "04cc:2251", "http-feed.nse", "coap-resources.nse", "05c6:2000", "imb", "ldap-search.nse", "S95l2tp", "l2tp-client", "hwnat", "pptp", "http-affiliate-id.nse", "0471:1210:uMa=Wisue", "qos_polling.sh", "S42ipv6group", "root.key", "tmngtd", "stage2", "pptp_server.html", "057c:84ff", "xstat.py", "nfs-statfs.nse", "random.py", "S42ipgroup", "19d2:1232", "web_security.html", "rc2.conf", "q\u00e9\u00d5?e\u00ac\u00d2\u00b6.\u000f\u001c\u00cc", "securetty (2)", "usb-net-huawei-cdc-ncm", "libc6-i386_2.15-0ubuntu10.18_amd64.url", "SeTswap", "acarsd-info.nse", "save.py", "http-huawei-hg5xx-vuln.nse", "http-bigip-cookie.nse", "S99phddns", "dns-client-subnet-scan.nse", "folderTree.js", "libc6-i386_2.9-4ubuntu6.3_amd64.url", "S10system", "http-comments-displayer.nse", "Secure_Global_CA.crt", "strongswan.conf", "http-favicon.nse", "priv-key.pem", "arp_list.html", "libc6-i386_2.12.1-0ubuntu10.4_amd64.info", "enable_service.sh", "README", "closemachine.rc", "time.js", "timepicker.js", "customddns", "smb-vuln-cve2009-3103.nse", "nfs-ls.nse", "cn9130_switch_portVlan", "19d2:0083:uPr=WCDMA", "freelancer-info.nse", "10-fstab", "zzzcloud_proc", "riak-http-info.nse", "lan.js", "16d8:700a", "modules.isapnpmap", "monitor_port.lua", "openvpn-mgmt", "libc6-i386_2.11.1-0ubuntu7.11_amd64.url", "https://res-1257422681.file.myqcloud.com/assets/yeyue/boinstall.js", "ms-sql-brute.nse", "reverse-index.nse", "ms-sql-dac.nse", "irc-info.nse", "http-trace.nse", "debug.lua", "S47dos_defense", "fsck.ext2", "http-passwd.nse", "http-vuln-cve2013-7091.nse", "disk2", "http-vuln-cve2006-3392.nse", "https://www.filescan.io/uploads/664bb683bc04dffa92241015/reports/92b70fd6-97d7-4386-8465-f3fd79043843/overview", "url-snarf.nse", "syslinux (2).cfg", "b.txt", "libc6-i386_2.19-0ubuntu6_amd64.symbols", "xcbc.conf", "ar8327_switch_portPara", "ssh.py", "0af0:7501", "rc.inet1", "12d1_0005", "l2tp_client.html", "time_mngt.html", "Certigna.crt", "0482:024d", "pptp-server-global", "https://mc.yandex.ru/metrika/watch.js", "textarea.js", "domcon-brute.nse", "compare-build.js", "S50queueventd", "nntp-ntlm-info.nse", "brc", "modules.pnpbiosmap", "stun-version.nse", "hashsplit.py", "openflow-info.nse", "sysupgrade.conf", "ar8327_switch_8021Qvlan", "lanv6.sh", "sip-enum-users.nse", "1c9e:9101", "cn9130_switch_portStatistic", "1c9e:f000:uMa=USB_Modem", "emSign_Root_CA_-_G1.crt", "access_control.html", "ipsec.conf", "migrate.sh", "S50cron", "http-ntlm-info.nse", "l2tp-functions.sh", "sbom-cyclonedx.js", "nat_dmz.sh", "5d3033c5.0", "passthrough.sh", "f30dd6ad.0", "shadow", "libc6-i386_2.12.1-0ubuntu6_amd64.info", "42-ip6tables", "libc6-i386_2.11.1-0ubuntu7.21_amd64.symbols", "05c6:9024", "zteinfo.gcom", "QuoVadis_Root_CA_2.crt", "f387163d.0", "citrix-enum-apps.nse", "std (2)", "delete_restart.sh", "url_func.sh", "30-policy_route.sh", "napt.html", "README (2)", "dnsmasq", "19d2:0146", "30-fs-nfs-common", "radius.conf", "arp.sh", "S50dropbear", "sha1.conf", "utils.sh", "remote_mngt", "dns-nsid.nse", "nessus-brute.nse", "70-policy_route.sh", "connect-ncm.gcom", "pppox-killtunnel.sh", "1410:5031", "vpn_user.html", "system_params", "1410:5059", "boot", "19d2:1224", "http-vuln-cve2012-1823.nse", "ssl_vpn_locked_user.html", "cn9130_switch_globalLed", "All - EnterpriseAppsList.csv", "openvpn-server-up.sh", "1ee8:0068", "logger", "05c6:2001", "cli_base_cmd.tree", "firstboot", "bloom (2).py", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/664f906222f5af13cdfb5093", "firmware_managing.html", "ipmi-brute.nse", "imb.html", "05_set_iface_mac_mediatek", "nm-cloud-setup.timer", "68dd7389.0", "ed09:1021", "sshv1.nse", "1a8d:1000", "25-nls-utf8", "range.bnf", "user-secrets.reference", "dpi.sh", "ecsIfName", "IdenTrust_Commercial_Root_CA_1.crt", "K71hwnat", "S85webfilter", "smtp-vuln-cve2011-1720.nse", "12d1:1f18", "S99dnsproxy", "dns_cache.html", "snmp-win32-shares.nse", "S99drop_caches", "unmigrate.sh", "comparator.js", "informix-query.nse", "bugs.js", "3e45d192.0", "TrustCor_RootCert_CA-1.crt", "http-chrono.nse", "libc6-i386_2.12.1-0ubuntu10.4_amd64.symbols", "ssl_vpn_auth_radius.html", "broadcast-ping.nse", "base-files-essential", "cli-entry.js", "19d2:0304", "socks-auth-info.nse", "usb-acm", "switch.sh", "time.sh", "snmp-hh3c-logins.nse", "1bbb:f052", "05c6:1000:uMa=SSE", "0af0:8201", "libc6-i386_2.27-3ubuntu1_amd64.url", "mkdirp", "sip-methods.nse", "services", "ms-sql-info.nse", "vlan_vlanSetting.html", "npm-org.md", "http-method-tamper.nse", "redis-info.nse", "libc6-i386_2.11.1-0ubuntu7.12_amd64.url", "TWCA_Global_Root_CA.crt", "ipv6.html", "libc6-i386_2.28-10_amd64.info", "https://tria.ge/240521-q4s79agb25/static1", "doctor.js", "S47administration", "dhcp6c.sh", "https://viz.greynoise.io/analysis/5f89eddc-2668-47a2-8f6b-d4d81a31180c", "12d1:1557", "cli_show_iface_cmd.tree", "1004:61e7", "itl-logo (3).txt", "deluge-rpc-brute.nse", "hostmap-bfk.nse", "nm-cloud-setup.service", "set_fan.sh", "format-search-stream.js", "access_control", "eed8c118.0", "1a8d:2000", "upload.htm", "rexec-brute.nse", "npm-install-test.md", "glob", "libnm-device-plugin-bluetooth.la", "uptime-agent-info.nse", "drecurse.py", "vtysh.conf", "smb-security-mode.nse", "delegator.htm", "appdist_database.html", "K91geoip", "EC-ACC.crt", "openvpn-common.sh", "S99dpi", "wportal", "dist-tag.js", "22-dos_defense", "getregistestate.gcom", "0af0:8302", "GlobalSign_ECC_Root_CA_-_R4.crt", "mt7628_switch_portRateControl", "https-dns-proxy", "0af0:c100", "platform.sh", "SeTkernel (2)", "https://hybrid-analysis.com/sample/2eaba531c48445e241c116f61653649e403d4b1ef07bfc96390e986e1eeb5b83/6604e230edf88ab15b0d83fc", "12d1:1f03", "aee5f10d.0", "16d8:700b", "04_handle_checksumming", "bitcoinrpc-info.nse", "ar9533_switch_init", "libc6-i386_2.19-10ubuntu2_amd64.symbols", "mysql-audit.nse", "04cc:225c", "aes.conf", "ping.js", "afp-path-vuln.nse", "protocol", "http-default-accounts.nse", "ipt-account", "system_params.html", "0fce:d0e1", "https://www.virustotal.com/gui/file/19ec86ce10a716e8e63804239052c96cfa0a7fb66c2820bda2e66358f622525c/community", "230d:0003", "reset.gcom", "05c6:f000", "0af0:d001", "isp_routing.html", "itl-logo (2).txt", "portal-mgmt", "dns-brute.nse", "106c:3b03", "wireguard-down.sh", "yallist.js", "core_forwarding.sh", "1410:5010", "sha2.conf", "libc6-i386_2.28-0ubuntu1_amd64.symbols", "servers", "domcon-cmd.nse", "dns-blacklist.nse", "1c9e:9200", "tabcontainer.htm", "queueventd", "http-vuln-cve2014-2129.nse", "dyn3322ddns.html", "e35234b1.0", "http-vuln-cve2014-2127.nse", "ipsec_check_domain_wrap.sh", "l2tp-init.sh", "libc6-i386_2.15-0ubuntu20_amd64.url", "12d1:155b", "openvpn_client.html", "rip.lua", "vt100", "_updown", "vint.py", "rsa_check", "access_func_v6.sh", "citrix-brute-xml.nse", "Thor Scan: S-I9VvMTB6cZU", "giop-info.nse", "unmigrate (2).sh", "ar8327_switch_portMirror", "0af0:8900", "nat_one.sh", "diff.js", "dvalue.htm", "md5.js", "ftp-syst.nse", "sierrainfo.gcom", "http-drupal-enum.nse", "smb2-capabilities.nse", "6b99d060.0", "rc.usb", "libc6-i386_2.24-3ubuntu1_amd64.symbols", "S83web_security", "32-sit", "4a6481c9.0", "address-info.nse", "base-command.js", "firmware_factory.html", "1076:7f40", "dns-srv-enum.nse", "smp", "19d2:1523", "dedupe.js", "https://viz.greynoise.io/analysis/6d4e20f2-7e0c-4d31-83a6-f973343f4dd1", "0af0:7031", "npm-stop.md", "alg.html", "tvalue.htm", "probe (2)", "libc6-i386_2.13-20ubuntu5_amd64.symbols", "nginx.conf", "lldp_get_wan_device.sh", "libc6-i386_2.13-0ubuntu13_amd64.symbols", "0af0:7251", "prune.js", "mux.py", "0f6fa695.0", "http-enum.nse", "firewall_zonelist.htm", "cmxddns", "pptp_global.html", "SeTmaketag (2)", "GlobalSign_Root_CA_-_R6.crt", "cn9130_switch_portState", "lte.js", "libc6-i386_2.17-0ubuntu5_amd64.info", "store.js", "http-traceroute.nse", "index.a415cbb4.js", "2048_newroot.cer", "S42service", "smb-protocols.nse", "sendsms-at.gcom", "broadcast-dhcp6-discover.nse", "service.html", "firewall-bypass.nse", "18856ac4.0", "targets-ipv6-multicast-mld.nse", "25-nls-cp1251", "online.html", "npm-view.md", "https://www.googletagmanager.com/gtm.js?id=GTM-M9D76H", "fieldset.js", "pppv6.sh", "finger.nse", "bjnp-discover.nse", "30-fs-vfat", "duplicates.nse", "ci.js", "25-nls-iso8859-2", "988a38cb.0", "ssl_vpn_server.html", "1c9e:1001", "xl2tpd", "SZAFIR_ROOT_CA2.crt", "04e8:689a", "webfilter_global", "switch_Parameter.html", "pppox", "99-z3g4g-connect", "0408:f001", "S21tddpd", "usb-net-rndis", "https://viz.greynoise.io/ip/analysis/408b56e2-1932-4975-b348-5a8a7c5991d4", "30-fs-ext4", "arping.sh", "25-nls-iso8859-6", "tftp-enum.nse", "cvs-brute-repository.nse", "client.crt", "S99led_set", "test.sh", "AC_RAIZ_FNMT-RCM.crt", "knx-gateway-discover.nse", "installed-shallow.js", "ldap-novell-getpass.nse", "set_time", "1004:6156", "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F", "ldap_query.sh", "12d1:1f11", "membase-http-info.nse", "snmp-win32-users.nse", "10-mount", "https://tria.ge/240617-g49essyaqa/behavioral1", "Amazon_Root_CA_3.crt", "12d1:1f1b", "90-nm-cloud-setup.sh", "d7e8dc79.0", "05c6:1000:uMa=Option", "ipt-geoip", "package-url-cmd.js", "ipv6group_address.html", "dropbear", "format-bytes.js", "7f3d5d1d.0", "19d2:1536", "257a:d000", "Hongkong_Post_Root_CA_1.crt", "smb-system-info.nse", "http-generator.nse", "npm-hook.md", "99-xt_l2tp", "http-useragent-tester.nse", "1c9e:9800", "broadcast-novell-locate.nse", "chunk-common.72de4705.css", "S99zzzcloud_proc", "access_func.sh", "imap-ntlm-info.nse", "rc.S", "note", "16d8:6804", "mtools (2).conf", "ePKI_Root_Certification_Authority.crt", "S01led_early", "full_valuefooter.htm", "libc6-i386_2.11.1-0ubuntu7.21_amd64.info", "rsync-brute.nse", "50-qos_ctl", "cn9130_switch_portRateControl", "90-xt_multinetdev", "libc6-i386_2.26-0ubuntu2_amd64.info", "25-nls-cp866", "ifstart", "oracle-enum-users.nse", "libc6-i386_2.21-0ubuntu4_amd64.symbols", "baseinfo.gcom", "http-vuln-cve2015-1635.nse", "ssh-auth-methods.nse", "random.conf", "mt7621_switch_portMirror", "30-fs-configfs", "smb-print-text.nse", "Certum_EC-384_CA.crt", "dictionary", "http-stored-xss.nse", "SecureSign_RootCA11.crt", "12d1_0004", "vlan_portSetting.html", "constants.js", "libc6-i386_2.23-0ubuntu3_amd64.symbols", "libc6-i386_2.19-0ubuntu6_amd64.url", "libc6-i386_2.17-0ubuntu5.1_amd64.url", "smb-vuln-regsvc-dos.nse", "interface.sh", "npm-fund.md", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d0107b44401771de9ebf2", "irc-unrealircd-backdoor.nse", "http-vuln-misfortune-cookie.nse", "pptp-version.nse", "firmware_backuprestore.html", "system_routetbl.html", "unpublish.js", "account_mngt.html", "ldap-rootdse.nse", "l2tp-server", "https://github.com/vuejs/vue-devtools", "jquery.flot.barnumbers.js", "arp_defense", "01_leds", "7aaf71c0.0", "snmp.lua", "12d1:1f16", "sddm-:0-BoTuTx", "npm-exec.md", "hbase-region-info.nse", "emSign_ECC_Root_CA_-_G3.crt", "pppv6-up", "ltr.js", "09789157.0", "fuse.py", "1-lanhook.sh", "f249de83.0", "libc6-i386_2.3.6-0ubuntu20.6_amd64.symbols", "import_duplicity.py", "pptp-get-tuunel-info.sh", "cups-info.nse", "19d2:1528", "12d1:14ba", "0af0:7601", "style.css", "S96backup", "DigiCert_Trusted_Root_G4.crt", "0421:0610", "openvpn-client-connect.sh", "geoip", "12d1:15e7", "update-notifier.js", "jdwp-info.nse", "10-l2tp-pptp.sh", "npm-root.md", "e18bfb83.0", "IdenTrust_Public_Sector_Root_CA_1.crt", "SwissSign_Gold_CA_-_G2.crt", "99-ipt_urlset_target", "USERTrust_RSA_Certification_Authority.crt", "template-WaR2X6", "logging.md", "tar.js", "dependency-selectors.md", "led_set", "12d1:15cf", "telnet-encryption.nse", "SeTfdHELP", "SeTfull", "wizard.js", "5ad8a5d6.0", "smb-mbenum.nse", "NetworkManager-wait-online.service", "Entrust_Root_Certification_Authority.crt", "quick_setup.html", "vnet_init.sh", "broadcast-sybase-asa-discover.nse", "openvpn-client-disconnect.sh", "0b3c:f017", "19d2:1542", "ls (2).py", "explore.js", "S99zero_boot_done", "0af0:d058", "rtsp-url-brute.nse", "109b:f009", "ips_threat_management.html", "web_login.html", "30-gpio-button-hotplug", "22f4:0021", "usb_storage.html", "tabmenu.htm", "0a775a30.0", "89-portal", "npm-install-ci-test.md", "services (2)", "script.db", "modbus-discover.nse", "25-nls-cp852", "dhcp-discover.nse", "USERTrust_ECC_Certification_Authority.crt", "zone_core.sh", "cd58d51e.0", "30-ipsec", "certSIGN_ROOT_CA.crt", "balance_basic.html", "core_interface.sh", "vpn_peers.html", "wportal.html", "ftp.py", "pptp-client-add.sh", "smb-vuln-webexec.nse", "0af0:6791", "vlan_relationTbl.html", "S90ndppd", "05-lanv6", "19d2:1007", "Certigna_Root_CA.crt", "Entrust_Root_Certification_Authority_-_EC1.crt", "12d1:157d", "99-ipt_TRIGGER", "modemLedCtrl.sh", "03f0:002a", "http-rfi-spider.nse", "libc6-i386_2.23-0ubuntu10_amd64.info", "99-vnet.sh", "https://hybrid-analysis.com/file-collection/66057525d9b81759df06c4b5", "md5.conf", "osui.sock", "https://www.filescan.io/uploads/664799c9d5c40bffee6106d7", "http-vuln-cve2014-3704.nse", "zero_boot_done", "options.py", "https://tria.ge/240517-vqxezaaa33/behavioral1", "drecurse (2).py", "device_info", "cli_server", "ppp", "60-pptp-reload-rules.sh", "a.txt", "60-dnsmasq", "auto_backup", "19d2:0110", "nat.lua", "cn9130_switch_portPara", "de6d66f3.0", "pppox-remote-management-get-ippool.lua", "12d1:1583", "ipt-nfqueue", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667d01d2b67682d81c00f37b", "snmp-win32-software.nse", "0af0:d035", "tip.js", "libc6-i386_2.13-0ubuntu13_amd64.info", "failsafe", "0b3c:f000", "compat.py", "explain-eresolve.js", "ssl-enum-ciphers.nse", "25-nls-iso8859-15", "load_balance", "cli_interface_cmd.tree", "1-vnet_lanhook.sh", "cvs-brute.nse", "07d1:a804", "feffd413.0", "afp-serverinfo.nse", "GlobalSign_ECC_Root_CA_-_R5.crt", "03_preinit_do_ramips.sh", "nat_dmz.html", "19d2:1225", "70_initramfs_test", "init.js", "log-shim.js", "cli_ssh_cmd.tree", "prerelease.js", "http-vuln-cve2015-1427.nse", "S46iptv", "ipgroup_view.html", "openvas-otp-brute.nse", "broadcast-netbios-master-browser.nse", "procd.sh", "1614:0802", "main.sh", "hosts (2)", "19d2:fff5", "LICENSE", "connmark.conf", "asn-query.nse", "ms-sql-empty-password.nse", "39-gre", "S95mwan3", "web-auth.js", "http-svn-info.nse", "libc6-i386_2.13-20ubuntu5.3_amd64.info", "cell_valueheader.htm", "65-scsi-generic", "257a:b000", "ldap_profiles.html", "libc6-i386_2.30-0ubuntu2_amd64.info", "19d2:0053", "bloom.py", "certSIGN_Root_CA_G2.crt", "19d2:0169", "12d1:1f1e", "0af0:7706", "arborist", "show_interface_status.lua", "npm-unstar.md", "ldap-brute.nse", "230d:0001", "http-icloud-sendmsg.nse", "ddm.html", "ipgroup_address.html", "04bb:bccd", "002c0b4f.0", "mtab (2)", "libc6-i386_2.3.6-0ubuntu20.6_amd64.url", "metadata.py", "openssl.cnf", "huaweiinfo.gcom", "00-vpn_hook.sh", "0af0:d257", "ngx_sqlApi.lua", "tso-brute.nse", "libc6-i386_2.4-1ubuntu12_amd64.info", "148e:a000", "network_netlist.htm", "SSL.com_EV_Root_Certification_Authority_ECC.crt", "19d2:1233", "chart.js", "e73d606e.0", "12d1:1003", "ppp-down", "http-vuln-cve2011-3192.nse", "qos_cid.sh", "libc6-i386_2.30-4_amd64.symbols", "Starfield_Services_Root_Certificate_Authority_-_G2.crt", "50-arp_garp", "npm-ls.md", "issue (2)", "rusers.nse", "MozillaUpdateLock-7A4D7A8EFFB43502", "60-dhcpsvnet.sh", "65_nginx_sync.sh", "func.py", "ar9533_switch_portPara", "https://connect.facebook.net/signals/config/785878845108827", "12d1:1f07", "dns-update.nse", "dns-ip6-arpa-scan.nse", "S42ippool", "1782:0003", "devstatus", "30-fs-btrfs", "error500.htm", "zone-450", "https://www.googletagmanager.com/gtag/js?id=UA-36935570-1", "ftp-proftpd-backdoor.nse", "25-ddns", "12d1:1523", "http-server-header.nse", "dynamic_dns_noip.sh", "1edf:6003", "ipsec", "18-ipgroup", "SeTmedia", "libc6-i386_2.26-0ubuntu2.1_amd64.symbols", "checkout_info.py", "libc6-i386_2.19-18+deb8u10_amd64.url", "https://viz.greynoise.io/query/AS36351%20classification:%22malicious%22", "iax2-brute.nse", "K50dropbear", "INSCD", "http-waf-detect.nse", "ACCVRAIZ1.crt", "https://www.virustotal.com/graph/embed/g9453a2f58a3340f18120987c2b4d710dbb44ded88c434abf8894458a98c7bd4b?theme=dark", "time_mngt", "rescan-scsi-bus", "modules.ieee1394map", "ssl-known-key.nse", "controller.lock", "unbound.conf.back", "evdo.chat", "qipc_systemsem_xFMOjWbQizvIQbjaGodBkPpoECFzUYyznnjEncea48051f6b8a69e2450843f1f32c0bb393e04349", "25-nls-cp862", "ipsec.lua", "system_mode", "12d1:14c4", "https://www.proofpoint.com/us/blog/cloud-security/community-alert-ongoing-malicious-campaign-impacting-azure-cloud-environments", "citrix-enum-apps-xml.nse", "led_early", "application_filter.html", "S45firewall", "line_backup.html", "api_VPN.sh", "01-usb-led", "switch_functions", "did-you-mean.js", "libc6-i386_2.6.1-1ubuntu10_amd64.symbols", "win-utf", "257a:c000", "40-qos.sh", "70-switch.sh", "dnskey.conf", "des.conf", "https://hybrid-analysis.com/sample/ead272d3ccb36a5a827f80418096bfc30d1251bb739b06ff1711844d99d1b214/642d9de1e48d649afd01ad36", "targets-ipv6-multicast-invalid-dst.nse", "smb-enum-domains.nse", "firewall_zoneforwards.htm", "30-v6plus", "rpc-grind.nse", "prefix.js", "b529967783", "targets-traceroute.nse", "ld.so.conf", "wtmp", "DigiCert_Assured_ID_Root_CA.crt", "25-nls-cp850", "npm-dedupe.md", "sip-brute.nse", "broadcast-versant-locate.nse", "libc6-i386_2.7-10ubuntu8.3_amd64.url", "libc6-i386_2.31-0ubuntu6_amd64.info", "libc6-i386_2.30-0ubuntu2_amd64.symbols", "freeStrategy", "29-static_route", "S99sys_monitor", "rm (2).py", "core.sh", "ipsec_failover_process.sh", "50-usb-ohci", "find_index.lua", "https://www.virustotal.com/gui/collection/0ca12fcdd125ec5a5055180ee828b98d47b8b2e920660be559c2b602266b6b1d/iocs", "npx.md", "vpnlog", "0af0:7051", "appdist.html", "libc6-i386_2.11.1-0ubuntu7_amd64.info", "12d1:1f01", "svn-brute.nse", "redis-brute.nse", "nat_alg.sh", "ipt-conntrack-extra", "https://www.virustotal.com/graph/embed/gf1d5aa209c7f4fd086e4cb17dcd0af52421ea4bae87d49fe9b4076b382612f0e?theme=dark", "error.html", "90-urlset", "jquery.flot.pie.min.js", "oracle-brute-stealth.nse", "S96cmxddns", "application_list.html", "ipxd", "1bbb:f000", "S96static_route", "on__server.py", "ncm.json", "nat_core.sh", "libc6-i386_2.7-10ubuntu8.3_amd64.info", "ssh-run.nse", "mvalue.htm", "npm-install.md", "SeTpartitions (2)", "chap-secrets", "10-motion", "sslv2-drown.nse", "ipstat", "30-fs-xfs", "0e8d:7109", "0af0:6751", "ucitrack", "1fac:0032", "https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737710&Signature=fbsokraSd7lsYmUfaTEl8Phs2K3hp7AtVmQU9axeEBcYmYbrrYrrfpP5lPEQaE%2Fh3%2BEP9Rn8mD8D1haqQVXCN0VVlxJ4sddjWmyC5USsgBsvUb0%2F72h1WHDS2KXHlteZWE%2Bauckabain9D5kX501AnqFY38s77OIqO6SMOkQ%2BvXiDSSRK%2FZhbfradBnei3ZLHsXGxkoshTyvB0%2BC%2F8SiUzdVsqSjik0Bn2r%2BIlLpDQK90GlZTD0N", "http-brute.nse", "dnsmasq.conf", "19d2:ffe6", "nbstat.nse", "a1676298638", "b3336837578", "sshkey.conf", "96-phddns.sh", "rfkill", "349f2832.0", "dns-nsec3-enum.nse", "jdwp-version.nse", "S97session_limits", "30-tun", "docker-version.nse", "l2tp-get-tunnel-info.sh", "account.2ca6a054.js", "Baltimore_CyberTrust_Root.crt", "ncp-serverinfo.nse", "1bbb:f017", "148f:2578", "e113c810.0", "PROMPThelp (2)", "05c6:1000:uMa=Co.,Ltd", "rtl8367s_switch_globalLed", "realvnc-auth-bypass.nse", "ssl_vpn_status.html", "path.py", "198a:0003", "b81b93f0.0", "mysql-dump-hashes.nse", "dns-random-srcport.nse", "cache.js", "keyword.js", "nat_dmz_bypass.sh", "diag.sh", "openssl-1.0.0.cnf", "tree.py", "web_group.html", "S20geoip", "95-online.sh", "http-sap-netweaver-leak.nse", "daytime.nse", "rtl8367s_switch_portState", "XRamp_Global_CA_Root.crt", "list_idx.py", "tddp", "npm-login.md", "chat-get-qualcomm_1", "0af0:7801", "1c9e:9e00", "verify_pub.key", "number.js", "http-cisco-anyconnect.nse", "static_route", "98-ipsec.sh", "S70freeStrategy", "dns-check-zone.nse", "ipsec.secrets", "reboot_schedule.html", "22-qos-tplink", "31-iptunnel4", "e8de2f56.0", "ssh-brute.nse", "dynanmic_arpreq.sh", "40-bonding", "ie.css", "npm-outdated.md", "S99zzzzzsys_info", "online_check", "display.js", "K91network", "nat_common.sh", "http-gitweb-projects-enum.nse", "zone_init_all.sh", "quake3-info.nse", "krb5-enum-users.nse", "ISRG_Root_X1.crt", "pack.js", "3g.chat", "http-vuln-cve2014-2126.nse", "54-usb3", "passwd", "dia_info.html", "tso-enum.nse", "dhcp.sh", "no_ads.txt", "b.txt:ads.txt", "termcap", "sbom-spdx.js", "nopartHELP", "usb_backup.html", "installpkg", "libc6-i386_2.15-0ubuntu20_amd64.info", "SeTnopart", "S99zzddns", "probe", "dictionary.sip", "60-dnsmasq.sh", "TeliaSonera_Root_CA_v1.crt", "0af0:6811", "S19vnet", "pubkey.conf", "getimsi.gcom", "modules.dep", "230d:000b", "INShd (2)", "netbus-brute.nse", "1004:61eb", "rtl8367s_switch_init", "ncp-enum-users.nse", "acl_delete_rule.lua", "mt7621_switch_portVlan", "4304c5e5.0", "https://hybrid-analysis.com/sample/3243e4a1f5a075f4d57121d5738d321dcd7e4c79bd96828442e351f660b60dc3/642d9d9c7cb35d938c068be9", "http-adobe-coldfusion-apsa1301.nse", "1f28:0021", "12d1_0003", "broadcast-wpad-discover.nse", "afp-showmount.nse", "06-wan_log", "smb-psexec.nse", "netbus-info.nse", "30-fs-hfs", "libc6-i386_2.21-0ubuntu4.3_amd64.info", "mongodb-databases.nse", "Go_Daddy_Root_Certificate_Authority_-_G2.crt", "https://viz.greynoise.io/query/AS8075%20classification:%22malicious%22", "07_set_preinit_iface_ramips", "run-script.js", "npm-uninstall.md", "1c9e:f000", "NetLock_Arany_=Class_Gold=_F?tan\u00fas\u00edtv\u00e1ny.crt", "1d09:1000", "hadoop-tasktracker-info.nse", "0af0:7a01", "20-firewall", "libc6-i386_2.5-0ubuntu14_amd64.info", "npm-help.md", "50-l2tp-up-down.sh", "koi-utf", "restart.js", "leds.sh", "f0c70a8d.0", "dynamic_dns_updater.sh", "qos_delete_rule.lua", "http-joomla-brute.nse", "libc6-i386_2.8~20080505-0ubuntu7_amd64.info", "libc6-i386_2.30-4_amd64.info", "get-workspaces.js", "pgsql-brute.nse", "smb-server-stats.nse", "libc6-i386_2.4-1ubuntu12.3_amd64.url", "allseeingeye-info.nse", "90-xt_dosdrop", "106f3e4d.0", "SecureTrust_CA.crt", "improxy", "pwdgrp.py", "98-iptv.sh", "broadcast-pppoe-discover.nse", "1c9e:6061:uPr=Storage", "230d:000d", "system.sh", "switch_portStatus.html", "libc6-i386_2.11.1-0ubuntu7.12_amd64.info", "https://us-test-sandbox.recordedfuture.com/240617-g49essyaqa", "0e8d:0002:uPr=MT", "libc6-i386_2.24-3ubuntu1_amd64.url", "targets-ipv6-multicast-echo.nse", "sendcmd.rc", "ifrestart", "libc6-i386_2.13-0ubuntu13.2_amd64.url", "40-usb2", "dbus-K5ae4EDHao", "dhcp6c", "libc6-i386_2.10.1-0ubuntu19_amd64.info", "simpleform.htm", "libc6-i386_2.17-0ubuntu5_amd64.symbols", "ANF_Secure_Server_Root_CA.crt", "nat-pmp-mapport.nse", "ip-geolocation-map-google.nse", "vulners.nse", "libc6-i386_2.19-18+deb8u10_amd64.info", "85-nm-unmanaged.rules", "ganglia-info.nse", "libcrypto.pc", "25-nls-iso8859-1", "S92qos_ctl", "19d2:0154", "mt7621_switch_globalLed", "ubnt.sh", "publish.js", "libc6-i386_2.9-4ubuntu6_amd64.url", "HOSTNAME", "https://www.virustotal.com/gui/collection/b84a19d60ec7cd6d546a3f145dff8987128d0f499161118b46de22718d4713cd/graph", "12d1:1f17", "ipsec_vnet.sh", "3513523f.0", "INSfd", "https://bcprm.com/promo.php?c=716918&type=embed_chat&page=popular_chat&top_model=1&stream_only_size=full", "http-vuln-cve2010-0738.nse", "tmp.QMAjonKZB0", "libc6-i386_2.17-0ubuntu5.1_amd64.symbols", "0bdb:1910", "preinit.sh", "node-which", "rtl8367s_switch_portMirror", "ipmi-cipher-zero.nse", "dns_dot.html", "libc6-i386_2.12.1-0ubuntu6_amd64.symbols", "semver.js", "cics-user-brute.nse", "bf53fb88.0", "broadcast-hid-discoveryd.nse", "openwrt_release", "issue", "dpi_log_database.sh", "00_uhttpd_ubus", "getcardinfo.gcom", "http-errors.nse", "nand.sh", "0d46:45a5", "19d2:0266", "https://hybrid-analysis.com/sample/babc94597eadb83b520d6a46a57ef2ad963683aef1ff2fc6fa9ba5e98e78e008/6604e16b6b94878cbb062194", "pre_setting_config.sh", "ifstat-mini", "options.default", "40-fs-nfs", "0af0:6771", "S99enablemodem", "version (2).py", "https://widget.trustpilot.com/trustboxes/5613c9cde69ddc09340c6beb/index.html?templateld=5613c9cde69ddc09340c6beb&businessunitld=55e46b640000ff000582c91e#locale=en-GB&styleHeight=100%25&styleWidth=100%25&theme=light", "ms-sql-hasdbaccess.nse", "201e:2009", "broadcast-avahi-dos.nse", "GTS_Root_R4.crt", "S95done", "hadoop-secondary-namenode-info.nse", "install.md", "login (2).defs", "jshn.sh", "libc6-i386_2.19-18+deb8u10_amd64.symbols", "99-hotplug_done", "s7-info.nse", "40_run_failsafe_hook", "audit-error.js", "S99zzomada_server", "installed-deep.js", "markdef.sh", "switch_portLimit.html", "ipt-nathelper", "32-ipsec4", "bacnet-info.nse", "75d1b2ed.0", "http-apache-server-status.nse", "0af0:9200", "jquery.flot.crosshair.js", "12d1:1f09", "package-spec.md", "package.json", "vnc-brute.nse", "https://cdn.livechatinc.com/tracking.js", "openvpn-easy-rsa", "19d2:1013", "npm-unpublish.md", "0af0:d155", "quake3-master-getservers.nse", "e868b802.0", "portrange.js", "sysparams_net.sh", "indexer.htm", "obexstress", "ms-sql-query.nse", "gpsd-info.nse", "12d1:14b5", "16d8:6281", "url_filtering.html", "acl_timeobj.lua", "2262:0001", "crt.sed", "portal_status.sh", "INShd", ".zcompdump-m1904-5.9", "SSL.com_Root_Certification_Authority_ECC.crt", "common.sh", "0922:1001", "arp_scan_range", "106c:3b05", "core_init.sh", "smtp-vuln-cve2011-1764.nse", "https://cdn.staticfile.org/jquery/3.6.0/jquery.min.js", "0408:ea43", "npm-explore.md", "smschk.gcom", "http-trane-info.nse", "libc6-i386_2.26-0ubuntu2_amd64.url", "S46netbios_passthrough", "15-mwan3", "radvd", "pcauth.js", "1e08bfd1.0", "https://www.virustotal.com/gui/file/ea8490563a229b89f2b779217938f9eb2bcf93dd89de9f7fc5c035632f0934b5/relations", "30-fs-cramfs", "00-netstate", "2001:a708", "core_global.sh", "http-devframework.nse", "online", "portal_mgmt_monitor.sh", "19d2_0001", "clean.js", "S31tmngtd", "targets-ipv6-multicast-slaac.nse", "uci_firewall.sh", "hadoop-jobtracker-info.nse", "vmauthd-brute.nse", "https://viz.greynoise.io/query/AS15169%20classification:%22malicious%22", "fw", "ssl-ccs-injection.nse", "ssl-dh-params.nse", "90-xt_doslogonly", "maxdb-info.nse", "http-open-proxy.nse", "about.svg", "SwissSign_Silver_CA_-_G2.crt", "arp_scan.html", "S96upnp", "AffirmTrust_Commercial.crt", "0cf3:20ff", "40-load_balance", "remote_mngt.sh", "get_temperature.sh", "230d:0103", "1033:0035", "amqp-info.nse", "debug.js", "https://tria.ge/240517-t9pc2ahb2t", "led", "switch_portStatistics.html", "libc6-i386_2.17-0ubuntu5.1_amd64.info", "smb-os-discovery.nse", "npm-completion.md", "https://hybrid-analysis.com/sample/843923233cd86185dc3983fbe0fe3be72c6aeef0372db6c076287befc9d3fc5b/642d9d1695c2babbb70478eb", "remote_mngt.html", "db2-das-info.nse", "l2tp-server.reference", "notes.txt", "fund.js", "ssh.lua", "ipv6-multicast-mld-list.nse", "http-qnap-nas-info.nse", "6fa5da56.0", "cmd-list.js", "dnssecquery.sh", "usb-serial-wwan", "92-pppox-vpn.sh", "91-gre.sh", "access.lua", "libnm-device-plugin-team.la", "ld.so (2).conf", "qos_mark.sh", "40-fs-nfsd", "rsa-vuln-roca.nse", "ms-sql-ntlm-info.nse", "04e8:f000:sMo=U209", "https://cdn.staticfile.org/qrcodejs/1.0.0/qrcode.min.js", "encrypt.js", "xhr.js", "1ee8:0060", "qos_config_sync.lua", "90-xt_qoslimit", "4042bcee.0", "controller_setting.html", "getisp.sh", "broadcast-pim-discovery.nse", "gkrellm-info.nse", "https://cdn.staticfile.org/clipboard.js/2.0.8/clipboard.min.js", "http-dlink-backdoor.nse", "Microsec_e-Szigno_Root_CA_2009.crt", "10-policy_route.sh", "dns_doh.html", "2923b3f9.0", "subset.js", "https://www.filescan.io/uploads/666d69ff6b8dba248b414767", "vnetwork", "value.htm", "20b9:1682", "S47flood_defense", "UCA_Extended_Validation_Root.crt", "usb-net", "prune_older.py", "198f:bccd", "gre", "libc6-i386_2.6.1-1ubuntu10_amd64.url", "0af0:8400", "ipt-conntrack", "vpn_general.html", "host.conf", "http-icloud-findmyiphone.nse", "40-remote_mngt", "ppp-dhcp6c.script", "docs.js", "ndmp-fs-info.nse", "1dd6:1000", "1c9e:9401", "https://www.virustotal.com/graph/embed/g157209fb9f6643a8bc819522fd9e644c70ae0f541aa347b4aa19b1636ee6d556?theme=dark", "0421:0618", "max-satisfying.js", "ar9533_switch_portMirror", "irc-botnet-channels.nse", "ncm.sh", "omp2-brute.nse", "irc-brute.nse", "smb2-security-mode.nse", "S99avahi-daemon", "25-nls-iso8859-8", "outside.js", "access.js", "avahi-daemon", "0af0:d055", "logout.js", "1c9e:9e08", "20-upnp", "0ace:20ff", "su.full.min.js", "l2tp_global.html", "libc6-i386_2.4-1ubuntu12.3_amd64.info", "91-xt_authlimit", "dictionary.compat", "5e98733a.0", "cc450945.0", "interface.html", "pop3-brute.nse", "vt300", "nm-shared.xml", "cli_clock_cmd.tree", "DigiCert_Global_Root_CA.crt", "getip.sh", "65-wifidog.sh", "nfnetlink", "S91wireguard", "1d3472b9.0", "http-fetch.nse", "libc6-i386_2.13-0ubuntu13_amd64.url", "22de:6803", "outdated.js", "smtp-strangeport.nse", "workspaces.md", "S15loggerd", "mt7628_switch_portState", "usbmodem_log.sh", "epmd-info.nse", "02-usb-auto-scan", "dynddns.html", "libc6-i386_2.4-1ubuntu12_amd64.url", "GlobalSign_Root_CA_-_R2.crt", "8d89cda1.0", "targets-asn.nse", "97-mwan3.sh", "0af0:8300", "25-nls-cp437", "10-pppox-response-nat.sh", "cli.js", "1da5:f000", "12d1_0002", "hddtemp-info.nse", "installpkg (2)", "http-grep.nse", "start_rule.sh", "modem-gsm-test-anydata.gcom", "25-nls-cp864", "1bbb:022c", "grid.js", "cat_file.py", "dc4d6a89.0", "ifup", "npm.js", "libc6-i386_2.24-9ubuntu2_amd64.url", "show_if_help.lua", "6rd.sh", "1c9e:6000", "version.js", "sysctl.conf", "libnm-device-plugin-adsl.la", "pppoe", "S80websort", "ipt-filter", "arborist-cmd.js", "22de:6801", "search_tty.lua", "12d1:1c0b", "96-noipddns.sh", "11_migrate-sysctl", "ipcalc.sh", "1ee8:0054", "nat_log.sh", "ca6e4ad9.0", "NetworkManager.service", "0408:ea25", "open-url.js", "stop.js", "99-mdns.sh", "ftp-bounce.nse", "pppox-wheader.sh", "min-satisfying.js", "25-nls-cp1250", "view.js", "https://www.virustotal.com/gui/collection/bd65940df2423788fcc8623495dfdafdfd4236d93533db0256db5ff4347b65f9/iocs", "wsdd-discover.nse", "libc6-i386_2.29-0ubuntu2_amd64.info", "0af0:6971", "K10openvpn", "99-wan_hook.sh", "install-ci-test.js", "qos_Band_ctrl.html", "mmc", "libc6-i386_2.15-0ubuntu20.2_amd64.url", "Amazon_Root_CA_4.crt", "constraints.conf", "broadcast-ms-sql-discover.nse", "ip-forwarding.nse", "0af0:9000", "ipt-extra", "6to4.sh", "completion.sh", "usb-storage-extras", "core_rule.sh", "citrix-enum-servers-xml.nse", "K98boot", "sysctl", "ipt-ipopt", "ipset.debug", "1bbb:000f", "23a2:1010", "http-vuln-cve2013-0156.nse", "npm-publish.md", "19d2:1520", "Microsoft_RSA_Root_Certificate_Authority_2017.crt", "ipsec_generate_domain.sh", "midx.py", "ucisection.htm", "switch_portVlan.html", "imurmurhash.min.js", "K26pppox", "virtual_server.html", "nbd-info.nse", "rcompare.js", "clock-skew.nse", "session_monitor.html", "pkcs12.conf", "timeobj_cron_api.sh", "ssl-date.nse", "gc.py", "nwadditional", "gmp.conf", "S98ipsec_failover", "qos_api.sh", "unlock_pin.sh", "nrpe-enum.nse", "server-cert.pem", "30-fs-reiserfs", "fox-info.nse", "waitingbar.js", "fa5da96b.0", "telnet-ntlm-info.nse", "dns-service-discovery.nse", "libc6-i386_2.19-10ubuntu2.3_amd64.info", "0af0:7211", "libnm-ppp-plugin.la", "radiusclient-ng.h", "coerce.js", "12d1:1449", "mt7628_switch_init", "shells (2)", "https://payvtylhwjxnr.xyz/Content/style?v=1", "rc.ieee1394", "libc6-i386_2.19-10ubuntu2.3_amd64.url", "https://www.hudsonrock.com/search?domain=ualberta.ca", "libc6-i386_2.15-0ubuntu20.2_amd64.info", "uci.sh", "50-l2tp-lowerif-up-down.sh", "ipsec_handle_iptables.sh", "inittab (2)", "10_indicate_failsafe", "userconfig.sh", "styles.css", "ldd", "SeTfdHELP (2)", "90-xt_CTSTATEMARK", "0fce:d0cf", "02-vnet.sh", "19d2:1207", "COMODO_RSA_Certification_Authority.crt", "84-nm-drivers.rules", "identifiers.js", "npm-ci.md", "vdecmd", "broadcast-sonicwall-discover.nse", "core_ipgroup.sh", "http-aspnet-debug.nse", "xstat (2).py", "tblsection.htm", "handle_card.sh", "ar8327_switch_init", "dnssec.html", "S00zombie_monitor", "12d1:1414", "22-imb", "ipt-nat", "firmware_upgrade.html", "2001:a401", "libc6-i386_2.13-0ubuntu13.2_amd64.info", "2001:a405", "hnap-info.nse", "OISTE_WISeKey_Global_Root_GB_CA.crt", "http-form-fuzzer.nse", "dhcp.lua", "targets-sniffer.nse", "E-Tugra_Certification_Authority.crt", "directip.gcom", "1c9e:9d00", "qos_Traffic.html", "05c6:1000:uMa=SAMSUNG", "90-xt_ipsecmark", "broadcast-wake-on-lan.nse", "TrustCor_ECA-1.crt", "ipv6group_group.html", "02265526.0", "c28a8a30.0", "14bc7599.0", "Starfield_Class_2_CA.crt", "luci-reload", "package-lock-json.md", "tddpd", "SSL.com_Root_Certification_Authority_RSA.crt", "Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt", "0af0:8600", "qos.html", "12d1:1031", "dslite.sh", "sessmngr.html", "getcarrier.gcom", "https://hostkey.com/hk/widgets/ext/build/stock.bundle.js", "SeTnopart (2)", "http-virustotal.nse", "smb-ls.nse", "80-fuse", "pptp-tunnel-action.sh", "057c:62ff", "vnet_zone_init.sh", "gre_common.sh", "smb-vuln-conficker.nse", "usb-net-qmi-wwan", "https://imp0rtp3.wordpress.com/2021/08/12/tetris/", "pd_api.sh", "webfilter_func.sh", "89-remote_mngt.sh", "libc6-i386_2.9-4ubuntu6_amd64.symbols", "snmpd-static", "freeStrategy_backup.sh", "12d1:15cd", "exec.js", "pptp-global", "15-mii", "netbios_passthrough", "pppox-begin-reload-user.sh", "https://tria.ge/240517-vc7c1shc62/behavioral1", "jquery.min.js", "wifidog-init", "libc6-i386_2.31-0ubuntu6_amd64.symbols", "S72sfe", "openvpn-server-down.sh", "http-robots.txt.nse", "broadcast-rip-discover.nse", "dpi_tmngtd.sh", "98-load_balance", "add_delete_tuple.sh", "cli_vlan_cmd.tree", ".X1-lock", "backup", "chat-gsm-test-qualcomm", "40193066.0", "ifdown-l2tp.sh", "app.manifest", "sort.js", "dhcps.sh", "19d2:0166", "10-rt2x00-eeprom", "satisfies.js", "http-robtex-reverse-ip.nse", "1307:1169", "query.js", "registry.md", "group (2)", "AffirmTrust_Premium_ECC.crt", "1ee8:0018", "usermngr", "libc6-i386_2.6.1-1ubuntu9_amd64.info", "1004:613a", "core_tpfirewall.sh", "03179a64.0", "get-vpn-ip.sh", "l2tp-ipsec-up-down.sh", "https://web.op39v.xyz/js/chunk-vendors.js", "metasploit-msgrpc-brute.nse", "ajp-auth.nse", "19d2:1038", "40-fs-msdos", "bwlist_qq.html", "S96load_balance", "npm-audit.md", "19d2:1201", "parse-options.js", "http-axis2-dir-traversal.nse", "pcanywhere-brute.nse", "log_awk", "0af0:6951", "about_hover.svg", "libc6-i386_2.19-10ubuntu2.3_amd64.symbols", "openvpn-client-down.sh", "19d2:0413", "0421:061d", "0685:2000", "whois-domain.nse", "smb-webexec-exploit.nse", "pppox-header.sh", "cics-enum.nse", "ce5e74ef.0", "broadcast-dhcp-discover.nse", "zgrep", "check_switchmode.lua", "scripts", "S95ipstat", "???? ????????.txt", "30-fs-udf", "pkgtool", "link.js", "libnm.la", "25-nls-iso8859-13", "omada-tool.conf", "xfe-IP-172.67.151.101-stix2-2.1-export.json", "impress-remote-discover.nse", "98_10_mtk_failsafe_init", "distcc-cve2004-2687.nse", "http-vuln-cve2017-1001000.nse", "location.json", "S50qos-tplink", "25-nls-koi8r", "19d2:#linux", "apply_xhr.htm", "openvpn_tunnel.html", "profile (2)", "network.sh", "broadcast-ripng-discover.nse", "f39fc864.0", "ajp-headers.nse", "1410:5023", "1410:7001", "https://www.virustotal.com/gui/collection/d6ec969e2e2b76f2bdb3b75595c50b9bfea53d730e2be98936896a3d110c3531", "257a:a000", "socket-default.conf", "pppol2tp", "interface_wan_standalone.html", "https://viz.greynoise.io/analysis/001f6d4e-555b-49d3-a714-e71deea739d0", "libc6-i386_2.24-3ubuntu1_amd64.info", "pptp-client-update.sh", "bup-import-rsnapshot", "ipmi-version.nse", "__init__.py", "http-wordpress-enum.nse", "20-fs-exportfs", "couchdb-databases.nse", "freePolicy", "macFiltering.html", "ipv6-ra-flood.nse", "libc6-i386_2.15-0ubuntu10.18_amd64.info", "09_fix-seama-header", "login.sh", "run-at.gcom", "memtest.py", "https://viz.greynoise.io/query/AS60068%20classification:%22malicious%22", "0421:0637", "http-fileupload-exploiter.nse", "40-pppoa", "https://hybrid-analysis.com/sample/d714e2a850645f9a0f8f3785dd0eedd47a417417bed470b968e0f6a1a2e746e6/652cf1f4243d9d03b90f74a1", "dhcp6sctlkey", "eppc-enum-processes.nse", "http-open-redirect.nse", "e36a6752.0", "TrustCor_RootCert_CA-2.crt", "qos_VoIP.html", "oracle-tns-version.nse", "restorefactory", "12d1:1553", "ipv6_lan.html", "gc (2).py", "vt300 (2)", "x509.conf", "https://www.google.com/recaptcha/enterprise.js?&render=6LeY5wkeAAAAAHNlJZXiHgJrpCTsD-Qu0O2GlYgB", "GTS_Root_R2.crt", "INSfd (2)", "https://s9.cnzz.com/z_stat.php?id=1280740152&web_id=1280740152", "21f5:3010", "DigiCert_High_Assurance_EV_Root_CA.crt", "vars", "network_ifacelist.htm", "su.js", "libc6-i386_2.19-0ubuntu6.15_amd64.info", "99-nginx.sh", "65-iptv", "murmur2", "91-authlimit", "S60dnsmasq", "libc6-i386_2.19-10ubuntu2_amd64.url", "ifdown", "https://hostkey.postaffiliatepro.com/scripts/Oy173jux8", "ajp-brute.nse", "wireguard_interface", "90-vpn", "dd8e9d41.0", "http-mobileversion-checker.nse", "umount", "usb-net-cdc-ncm", "mt7628_switch_portMirror", "sniffer-detect.nse", "https://www.virustotal.com/graph/embed/g5d8ecedaf40940ec8c84636da79426ec6a5f316d51874b499b47a02a8cef4a21?theme=dark", "cli_ospf.lua", "22-access_ctl.sh", "radiusclient.conf", "hadoop-datanode-info.nse", "action_check.html", "jquery.flot.fillbetween.js", "traceroute-geolocation.nse", "ssh-publickey-acceptance.nse", "https://viz.greynoise.io/analysis/e51d9a15-d802-4d51-9a70-17803dc2693a", "0af0:8700", "http-methods.nse", "19d2:0120", "2020:f00e", "afp-brute.nse", "sddm-auth-52b94a64-454a-4d7f-903e-32df6aac784a", "dynamic_dns_functions.sh", "libc6-i386_2.3.6-0ubuntu20.6_amd64.info", "https://www.filescan.io/uploads/68b261771c81c34281d8af6d/reports/44924eb0-000d-42ad-944e-36bf849a406d/overview", "modem-gsm-test-qualcomm.gcom", "telnet-brute.nse", "region.js", "clamav-exec.nse", "smtp-ntlm-info.nse", "routing.lua", "pppox-reload-user.sh", "jquery.json-2.4.min.js", "sysupgrade", "source_info.py", "fs-exfat", "pppox-load-user.lua", "modem_scan.sh", "ips_stats.html", "S96sysntpd", "19d2:fff6", "99-balance_route", "time_setting.html", "libc6-i386_2.7-10ubuntu3_amd64.url", "https://www.virustotal.com/gui/collection/d6ec969e2e2b76f2bdb3b75595c50b9bfea53d730e2be98936896a3d110c3531/iocs", "12d1:157c", "dict-info.nse", "1004:6190", "qos_core.sh", "http-vhosts.nse", "interface_mac.html", "ssl_vpn_auth.html", "access_dir_help.lua", "accountmgnt.lua", "gte.js", "12d1:1001", "DigiCert_Assured_ID_Root_G2.crt", "mt7628_register", "find-dupes.js", "help.py", "libc6-i386_2.30-4_amd64.url", "072f:100d", "rpcap-info.nse", "ecmp.lua", "preview_remind.html", "access_ctl", "webfilter", "25-nls-cp775", "libssl.pc", "wireguard_peers", "https://us-test-sandbox.recordedfuture.com/240617-jak68azfqa", "rt_tables", "http-xssed.nse", "libc6-i386_2.11.1-0ubuntu7.11_amd64.symbols", "openssl.conf", "audit.js", "libc6-i386_2.15-0ubuntu10_amd64.url", "19d2:1001", "http-ls.nse", "npm-diff.md", "buttongroup.js", "12_network-generate-ula", "html5.js", "http-barracuda-dir-traversal.nse", "20-firewall.sh", "SeTconfig (2)", "02_default_set_state", "usb-net-ipheth", "if-do-timeobj.sh", "libc6-i386_2.13-20ubuntu5.3_amd64.symbols", "http-domino-enum-passwords.nse", "online_api.sh", "K90ipv6", "appflow_statistics.html", "locale", "libc6-i386_2.15-0ubuntu10_amd64.info", "smb-vuln-ms08-067.nse", "otplease.js", "http-cakephp-version.nse", "1de1:1101", "rc.common", "auth-owners.nse", "isns-info.nse", "20-usb-core", "dialogrc (2)", "parse.js", "ips_signature_suppression.html", "NetworkManager-dispatcher.service", "nm-pppd-plugin.la", "rtl8367s_switch_portPara", "ftp-anon.nse", "ipsec_monitor_tunnel.sh", "https://web.op39v.xyz/js/chunk-common.js", "page.js", "ip_stats.html", "ppp.sh", "ifup-l2tp.sh", "Izenpe.com.crt", "shrinkwrap.js", "controller.conf", "libc6-i386_2.23-0ubuntu11_amd64.info", "92-dynamic_route", "pptp-option.sh", "064e0aa9.0", "lexmark-config.nse", "xauth-generic.conf", "io.py", "broadcast-eigrp-discovery.nse", "versant-info.nse", "ovs-agent-version.nse", "wifidog-msg.html", "40547a79.0", "is-windows.js", "ms-sql-dump-hashes.nse", "style-simple-follow.css", "netifd-proto.sh", "mongodb-brute.nse", "cmp.js", "npm-start.md", "npm-team.md", "http-vuln-cve2017-5638.nse", "default.script", "nopartHELP (2)", "xmlrpc-methods.nse", "interface.lua", "SeTconfig", "libc6-i386_2.10.1-0ubuntu15_amd64.info", "https://web.op39v.xyz/?channelCode=pingguo", "ipt-ipv4options", "http-proxy-brute.nse", "04cc:226e", "root.js", "2020:0002", "S99switch", "to-comparators.js", "S60pptpd", "session_limits", "5f15c80c.0", "98-ipt_webfilter_match", "nonce.conf", "l2tp_tunnel.html", "libc6-i386_2.17-0ubuntu5_amd64.url", "15-online.sh", "http-iis-short-name-brute.nse", "bridge.html", "smb-vuln-ms06-025.nse", "dns-nsec-enum.nse", "libc6-i386_2.15-0ubuntu20_amd64.symbols", "15eb:7153", "openvpn-client-routeup.sh", "http-vuln-cve2013-6786.nse", "wizard.html", "char_conv.sh", "tpcmd.sh", "ip-geolocation-map-bing.nse", "removal.md", "filesize", "https://www.criminalip.io/domain/report?scan_id=13798622", "policy_route", "afp-ls.nse", "0b3c:f00c", "S25zone", "cbf06781.0", "policy_routing.html", "5273a94c.0", "d887a5bb.0", "acl_timeobj_v6.lua", "unusual-port.nse", "snmp-info.nse", "ip-geolocation-geoplugin.nse", "textbox.js", "org.js", "queryable.js", "base-files", "pppox-remote-management.sh", "0af0:8006", "custom_dhcp", "76cb8f92.0", "32-ip6-tunnel", "libc6-i386_2.10.1-0ubuntu15_amd64.url", "S60monitor", "http-security-headers.nse", "https://www.filescan.io/uploads/666d69ff6b8dba248b414767/reports/dda2c8a1-96fd-4c00-9cbc-c64c4685a804/overview", "libc6-i386_2.19-0ubuntu6.15_amd64.url", "split.py", "http-awstatstotals-exec.nse", "e-Szigno_Root_CA_2017.crt", "backup.sh", "mysql-variables.nse", "pulse-till-done.js", "http-vuln-wnr1000-creds.nse", "valueheader.htm", "05c6:1000:uMa=DGT", "230d:0101", "qos_ctl", "ffff_0002", "x.jnlp", "mt7621_switch_portStatistic", "05-liblogger", "connect-ppp.gcom", "ip-https-discover.nse", "a4033901479", "S50pppox", "rfc868-time.nse", "termcap (2)", "vlan", "dns-random-txid.nse", "libc6-i386_2.11.1-0ubuntu7_amd64.url", "5f618aec.0", "12d1:15ca", "http-date.nse", "GLOBALTRUST_2020.crt", "nat_vs.sh", "rpcap-brute.nse", "empty.lock~", "broadcast-bjnp-discover.nse", "cellinfo.gcom", "a94d09e5.0", "1004:1000", "time_setting", "citrix-enum-servers.nse", "client.key", "10a9:606f", "access_time_help.lua", "https-redirect.nse", "status.js", "10_indicate_preinit", "50-improxy", "pkg.js", "mysql-query.nse", "1d09:1021", "re.js", "git.py", "fsck.ext3", "zone_init.sh", "50-xt_flood", "wifi", "auth-spoof.nse", "static_routing.html", "empty", "web.py", "1614:0800", "system_log.html", "pptp-ifdevice-info.sh", "wifidog.conf", "rpcinfo.nse", "nf-conntrack-netlink", "pppox-reload-user.lua", "vnc-info.nse", "install-test.js", "https://payvtylhwjxnr.xyz/Content/css/banks.css", "http-google-malware.nse", "12d1:1da1", "S47imb", "SeTfull (2)", "smb-vuln-ms10-061.nse", "pkgtool (2)", "http-slowloris-check.nse", "sysntpd", "inittab", "rebuild.js", "npm-update.md", "30-fs-isofs", "ssh2-enum-algos.nse", "nfnetlink-queue", "broadcast-upnp-info.nse", "owner.js", "libnm-device-plugin-ovs.la", "ar8327_switch_portStatistic", "nessus-xmlrpc-brute.nse", "https://tenantresolution.pingcastle.com/Search - Tenant still active (07.19.24) - Good jobs ya'll", "40-qos", "usb-net-cdc-mbim", "ldap.conf", "index.txt", "ventrilo-info.nse", "npm-repo.md", "http-coldfusion-subzero.nse", "dynlist.htm", "http-internal-ip-disclosure.nse", "57bcb2da.0", "dhcp_server.html", "libc6-i386_2.13-20ubuntu5.2_amd64.symbols", "Certum_Trusted_Network_CA.crt", "broadcast-dropbox-listener.nse", "mqtt-subscribe.nse", "group", "login.4f52b876.js", "98-ipt_url_dns_match", "SeTPKG", "PROMPThelp", "04-ipv6", "2001:a403", "config.md", "https://admin.verbox.ru/support/support.js?h=afe80d31a1cabd6ae5c00580688f27d2", "72-wan_ip_alias", "1fac:0150", "ar9533_switch_portRateControl", "libc6-i386_2.19-0ubuntu6_amd64.info", "cassandra-info.nse", "upnp-info.nse", "0bdb:190d", "system_state.html", "https://hybrid-analysis.com/file-collection/6604df33503d4a306e01c776", "libc6-i386_2.24-9ubuntu2.2_amd64.url", "12d1:1582", "emSign_ECC_Root_CA_-_C3.crt", "19d2:1514", "chat-gsm-test-anydata", "99-load_balance.sh", "libc6-i386_2.21-0ubuntu4.3_amd64.symbols", "12d1:14fe", "cn9130_switch_init", "libc6-i386_2.28-10_amd64.url", "access_ip_help.lua", "informix-brute.nse", "cli_routing_cmd.tree", "core_acl.sh", "libstdc++.so.6.0.21-gdb.py", "iax2-version.nse", "05c6:1000:sVe=GT", "Network_Solutions_Certificate_Authority.crt", "0af0:8200", "2001:a706", "l2tp.sh", "npm-profile.md", "iptv", "shquote.py", "https://us-test-sandbox.recordedfuture.com/240617-h53t3stfmj", "80-balance.sh", "print_server.html", "mac_filter", "monitor", "S80usbmuxd", ".X1025-lock", "memcached-info.nse", "libc6-i386_2.8~20080505-0ubuntu9_amd64.info", "https://www.virustotal.com/gui/collection/33a61b144ffdece76551464e76866ab59346f0fa3f1f97380b401c1ac3f0d305/iocs", "tsection.htm", "ar9533_switch_portVlan", "smtp-commands.nse", "attack-defense.html", "0af0:d357", "ntp-info.nse", "url_filter", "https://masterhost.ru/s/masterhost_v2/build/js/app.js?v=WivgGVzt/Ynv", "http-cross-domain-policy.nse", "Trustwave_Global_Certification_Authority.crt", "browser.htm", "0af0:d255", "ar8327_register", "protofind.lua", "0af0:7a05", "flume-master-info.nse", "97-load_balance.sh", "19d2:1511", "https://i.bcicdn.com/js-min/1NCJjq/27984029c73362dbf9ec0727.js", "usb-net-cdc-ether", "CA_Disig_Root_R2.crt", "libc6-i386_2.23-0ubuntu10_amd64.url", "0af0:6911", "libc6-i386_2.13-20ubuntu5.2_amd64.url", "damage.py", "xfe-URL-hyqxsnjj.com-stix2-2.1-export.json", "helpers.py", "securetty", "npm-adduser.md", "openvpn_server.html", "cfdisk (2)", "19d2:ffde", "reify-finish.js", "fingerprint-strings.nse", "30-fs-minix", "splitaccess", "12d1:1f15", "https://urlscan.io/search/#ualberta.ca", "folders.md", "port-id-map", "05c6:1000:sVe=Option", "ffff_0003", "libopenldap", "dnsproxy.html", "nullsection.htm", "options.pptp", "https://us-test-sandbox.recordedfuture.com/240617-h4dhsszdkg", "rlogin-brute.nse", "32888f65.0", "SeTpasswd", "Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt", "749e9e03.0", "wechat.html", "http-headers.nse", "DigiCert_Assured_ID_Root_G3.crt", "https://www.virustotal.com/graph/embed/g0cfdc207f7d14c9a9173c2f9b804dd92b17706ef2a8c41dba3e0af36353cd70b?theme=dark", "DigiCert_Global_Root_G2.crt", "std", "libc6-i386_2.28-10_amd64.symbols", "http-userdir-enum.nse", "S26time_setting", "major.js", "fcrdns.nse", "libc6-i386_2.7-10ubuntu3_amd64.symbols", "msrpc-enum.nse", "libc6-i386_2.23-0ubuntu3_amd64.url", "smb-brute.nse", "nat_napt.sh", "README.md", "npm-pack.md", "gettime.sh", "1410:5055", "xdmcp-discover.nse", "96-dynddns.sh", "1fac:0151", "sslv2.nse", "openvpn_user", "S20network", "ldap", "skypev2-version.nse", "rsort.js", "npm-shrinkwrap-json.md", "8cb5ee0f.0", "smtp-brute.nse", "12d1_0001", "mtrace.nse", "http-vuln-cve2010-2861.nse", "subnet.js", "usb_firmware_upgrade.html", "fe8a2cd8.0", "90-xt_tplimit", "sys_monitor", "0fce:d103", "GTS_Root_R1.crt", "set.js", "dos_defense", "GlobalSign_Root_CA.crt", "50-usb-uhci", "on.py", "97-route.sh", "libc6-i386_2.23-0ubuntu3_amd64.info", "0af0:7901", "timeobj_api.sh", "http-avaya-ipoffice-users.nse", "http-referer-checker.nse", "b0e59380.0", "main.py", "edit.js", "assign_restriction.html", "ef954a4e.0", "enip-info.nse", "libc6-i386_2.4-1ubuntu12.3_amd64.symbols", "features.py", "1d09:1025", "libc6-i386_2.4-1ubuntu12_amd64.symbols", "xmpp-info.nse", "foldertree.js", "rewrite.lua", "19d2:0040", "nat_pt.sh", "1266:1000", "30-fs-ntfs", "https://app.malcore.io/share/652553f6aec33d70a1dbbd25/667cffec5ea31558d54fcda2", "T-TeleSec_GlobalRoot_Class_3.crt", "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO", "libc6-i386_2.11.1-0ubuntu7_amd64.symbols", "30-veth", "Atos_TrustedRoot_2011.crt", "16d8:f000", "login.defs", "lldpd", "https://payvtylhwjxnr.xyz/Content/script?v=2", "libc6-i386_2.29-0ubuntu2_amd64.url", "index.js", "https://c.cnzz.com/core.php?web_id=1280740152&t=z", "icap-info.nse", "user-secrets", "S89remote_mngt", "core_wportal.sh", "0af0:d057", "https://www.filescan.io/uploads/66479b483313f70f0afe3dbb", "imap-brute.nse", "S96default_balance", "rtsp-methods.nse", "1001acf7.0", "10-firewall.sh", "1004:614e", "developers.md", "http-vuln-cve2017-5689.nse", "244b5494.0", "hostmap-crtsh.nse", "ifstat.html", "12d1:156a", "dnsproxySecurity", "sys_monitor.conf", "rmi-dumpregistry.nse", "12d1:1030", "pppox-functions.sh", "path-mtu.nse", "fstab", "12d1:1446", "ifup_down.sh", "zzomada_server", "626dceaf.0", "backorifice-brute.nse", "qos_ipset.sh", "bup-import-rdiff-backup", "1004:61dd", "panel.js", "rdp-vuln-ms12-020.nse", "1-lanv6hook.sh", "42-usb2-pci", "valuefooter.htm", "b727005e.0", "http-cors.nse", "http.lua", "Microsoft_ECC_Root_Certificate_Authority_2017.crt", "libradiusclient-ng.la", "02-split_access", "countrygroup", "unstar.js", "npm-token.md", "ssl_vpn_tunnel_group.html", "gre_init", "19d2:1588", "broadcast-ospf2-discover.nse", "15-usb_mode", "12d1:14c5", "fvalue.htm", "cli_ipsec_cmd.tree", "libc6-i386_2.24-11+deb9u4_amd64.info", "smb-enum-groups.nse", "1ee8:0013", "ar9533_switch_portStatistic", "csv2db.sh", "pptpd", "12d1:1f02", "widget.css", "chat-get-qualcomm_2", "https://rec.smartlook.com/main-20220331074633.js", "b7a5b843.0", "resolve.conf", "ajp-methods.nse", "S40fstab", "062cdee6.0", "tag.py", "libc6-i386_2.24-9ubuntu2_amd64.info", "http-vlcstreamer-ls.nse", "gre-ipsec-up-down.sh", "ospf.html", "dynddns", "0af0:7011", "broadcast-db2-discover.nse", "12d1:1520", "K99umount", "spi_device_id", "style-pcdemo.css", "21f5:1000", "1ee8:004f", "stdcrt", "profile", "12d1:1f1c", "dns-zeustracker.nse", "99_10_failsafe_login", "pppv6-share", "http-csrf.nse", "mysql-enum.nse", "repo.js", "ftp-brute.nse", "Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt", "package-json.md", "ipsec_secrets", "Entrust.net_Premium_2048_Secure_Server_CA.crt", "http-waf-fingerprint.nse", "mdns.html", "ipv6", "smb-vuln-ms10-054.nse", "SeTpartitions", "fw.sh", "http-auth.nse", "S22rsa_check", "libc6-i386_2.21-0ubuntu4.3_amd64.url", "Trustwave_Global_ECC_P256_Certification_Authority.crt", "1410:5020", "getimsi_b.gcom", "loadopenvpncert", "S47access_ctl", "join.py", "Security_Communication_Root_CA.crt", "websort", "libc6-i386_2.5-0ubuntu14_amd64.url", "dpap-brute.nse", "eq.js", "wechat_wifi.html", "ar9533_switch_portState", "12d1:1805", "npm-stars.md", "0af0:c031", "snmp-brute.nse", "reference", "libc6-i386_2.24-3ubuntu2.2_amd64.symbols", "ips_setting.html", "96-cmxddns.sh", "service level agreement for insurance company 31941.js", "mmouse-exec.nse", "S50radvd", "https://viz.greynoise.io/analysis/9635144c-db8f-47ab-a83a-5785602244cf - 07.03.24", "qipc_sharedmemory_xFMOjWbQizvIQbjaGodBkPpoECFzUYyznnjEncea48051f6b8a69e2450843f1f32c0bb393e04349", "https://masterhost.ru/s/masterhost_v2/build/js/compiled.min.js?v=Q/hhNATxy3sx", "S97gre_init", "smtp-open-relay.nse", "cloud_config.cfg", "l2tp-global", "noipddns", "getpinstatus.gcom", "5cd81ad7.0", "cli_cmd.tree", "zbalance_loop_reset", "getVid.sh", "04cc:226f", "https://www.filescan.io/uploads/664ba8a20663ff3c2ec6428a/reports/09d3d82a-7ec1-4804-93e5-5ae691fbb7f2/overview" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [] }, "other": { "adversary": [ "Unknown" ], "malware_families": [ "Hammer", "Reduceright", "Kics", "Vob", "Gc", "Vd", "Gootkit", "Mcpaddon.js", "Tvb", "Industroyer - s0604" ], "industries": [ "Telecommunications", "Education", "Technology", "Healthcare", "Government" ] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 25, "pulses": [ { "id": "69ea02a2f2ea5e0297caa726", "name": "Malicious Checkmarx Artifacts Found in Official KICS Docker Repository and Code Extensions", "description": "Security firm Checkmarx has been the target of a serious supply chain compromise, according to researchers at the Socket Research Team and the Open Source Software (OSS) in the United States and Canada.", "modified": "2026-05-23T11:20:53.452000", "created": "2026-04-23T11:29:38.193000", "tags": [ "github", "github actions", "checkmarx", "docker", "kics image", "yaml", "socket", "docker hub", "kics", "vs code", "april", "open", "powershell", "dune", "code", "mcpaddon.js" ], "references": [ "https://socket.dev/blog/checkmarx-supply-chain-compromise" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "mcpAddon.js", "display_name": "mcpAddon.js", "target": null }, { "id": "KICS", "display_name": "KICS", "target": null } ], "attack_ids": [ { "id": "T1525", "name": "Implant Internal Image", "display_name": "T1525 - Implant Internal Image" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1195", "name": "Supply Chain Compromise", "display_name": "T1195 - Supply Chain Compromise" }, { "id": "T1134", "name": "Access Token Manipulation", "display_name": "T1134 - Access Token Manipulation" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 4, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunter_NL", "id": "171283", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_171283/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 2, "FileHash-SHA1": 4, "FileHash-SHA256": 11, "URL": 1, "domain": 1, "hostname": 2 }, "indicator_count": 21, "is_author": false, "is_subscribing": null, "subscriber_count": 863, "modified_text": "8 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d7a3f6f81dc2388c0fa027", "name": "VirusTotal report\n for flow-browser-main.zip", "description": "A sample of flow-browser-main, an unauthorised version of the web browser, has been detected by researchers at the University of California, Los Angeles, and the National Security Agency (NSA). myvzw.com after an email on ending a #", "modified": "2026-05-09T12:10:59.635000", "created": "2026-04-09T13:04:54.563000", "tags": [ "file type", "png image", "ascii", "ascii text", "java source", "json", "rgba", "creates", "crlf line", "mac os", "date", "malicious", "next", "button", "span", "edit3icon", "rotateccwicon", "xicon", "htmldivelement", "react", "saveicon", "null", "shortcutitem", "click", "zip archive", "png multimedia", "graphics" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO", "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1560", "name": "Archive Collected Data", "display_name": "T1560 - Archive Collected Data" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 218, "FileHash-MD5": 558, "FileHash-SHA1": 564, "FileHash-SHA256": 558, "URL": 119, "hostname": 133, "email": 4 }, "indicator_count": 2154, "is_author": false, "is_subscribing": null, "subscriber_count": 67, "modified_text": "22 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d7a3f683111bbbe1c9ae35", "name": "VirusTotal report\n for flow-browser-main.zip", "description": "A sample of flow-browser-main, an unauthorised version of the web browser, has been detected by researchers at the University of California, Los Angeles, and the National Security Agency (NSA). myvzw.com after an email on ending a #", "modified": "2026-05-09T12:10:59.635000", "created": "2026-04-09T13:04:54.775000", "tags": [ "file type", "png image", "ascii", "ascii text", "java source", "json", "rgba", "creates", "crlf line", "mac os", "date", "malicious", "next", "button", "span", "edit3icon", "rotateccwicon", "xicon", "htmldivelement", "react", "saveicon", "null", "shortcutitem", "click", "zip archive", "png multimedia", "graphics" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO", "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1560", "name": "Archive Collected Data", "display_name": "T1560 - Archive Collected Data" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 218, "FileHash-MD5": 558, "FileHash-SHA1": 564, "FileHash-SHA256": 558, "URL": 119, "hostname": 133, "email": 4 }, "indicator_count": 2154, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "22 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d7a3f6657dd0c212d8344a", "name": "VirusTotal report\n for flow-browser-main.zip", "description": "A sample of flow-browser-main, an unauthorised version of the web browser, has been detected by researchers at the University of California, Los Angeles, and the National Security Agency (NSA). myvzw.com after an email on ending a #", "modified": "2026-05-09T12:10:59.635000", "created": "2026-04-09T13:04:54.060000", "tags": [ "file type", "png image", "ascii", "ascii text", "java source", "json", "rgba", "creates", "crlf line", "mac os", "date", "malicious", "next", "button", "span", "edit3icon", "rotateccwicon", "xicon", "htmldivelement", "react", "saveicon", "null", "shortcutitem", "click", "zip archive", "png multimedia", "graphics" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO", "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1560", "name": "Archive Collected Data", "display_name": "T1560 - Archive Collected Data" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 217, "FileHash-MD5": 558, "FileHash-SHA1": 564, "FileHash-SHA256": 558, "URL": 118, "hostname": 133, "email": 2 }, "indicator_count": 2150, "is_author": false, "is_subscribing": null, "subscriber_count": 67, "modified_text": "22 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d7a3f511d0121d253b753d", "name": "VirusTotal report\n for flow-browser-main.zip", "description": "A sample of flow-browser-main, an unauthorised version of the web browser, has been detected by researchers at the University of California, Los Angeles, and the National Security Agency (NSA). myvzw.com after an email on ending a #", "modified": "2026-05-09T12:10:59.635000", "created": "2026-04-09T13:04:53.436000", "tags": [ "file type", "png image", "ascii", "ascii text", "java source", "json", "rgba", "creates", "crlf line", "mac os", "date", "malicious", "next", "button", "span", "edit3icon", "rotateccwicon", "xicon", "htmldivelement", "react", "saveicon", "null", "shortcutitem", "click", "zip archive", "png multimedia", "graphics" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO", "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1560", "name": "Archive Collected Data", "display_name": "T1560 - Archive Collected Data" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 224, "FileHash-MD5": 558, "FileHash-SHA1": 564, "FileHash-SHA256": 558, "URL": 140, "hostname": 166, "email": 2, "CVE": 8 }, "indicator_count": 2220, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "22 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d7a3f4d72c30f9586634b9", "name": "VirusTotal report\n for flow-browser-main.zip", "description": "A sample of flow-browser-main, an unauthorised version of the web browser, has been detected by researchers at the University of California, Los Angeles, and the National Security Agency (NSA). myvzw.com after an email on ending a #", "modified": "2026-05-09T12:10:59.635000", "created": "2026-04-09T13:04:52.444000", "tags": [ "file type", "png image", "ascii", "ascii text", "java source", "json", "rgba", "creates", "crlf line", "mac os", "date", "malicious", "next", "button", "span", "edit3icon", "rotateccwicon", "xicon", "htmldivelement", "react", "saveicon", "null", "shortcutitem", "click", "zip archive", "png multimedia", "graphics" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO", "https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1560", "name": "Archive Collected Data", "display_name": "T1560 - Archive Collected Data" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 220, "FileHash-MD5": 562, "FileHash-SHA1": 566, "FileHash-SHA256": 1011, "URL": 125, "hostname": 139, "email": 4 }, "indicator_count": 2627, "is_author": false, "is_subscribing": null, "subscriber_count": 67, "modified_text": "22 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d79c38e0a059039b475ebe", "name": "CAPE Sandbox", "description": "Email today from them on my line. Very wild things happening here. trying to close my line", "modified": "2026-05-09T12:10:59.635000", "created": "2026-04-09T12:31:52.495000", "tags": [ "html document", "unicode text", "utf8 text", "crlf", "lf line", "site", "meta", "verizon", "wireless", "internet", "phone services", "official", "shop verizon", "lte network", "get fios", "title", "code", "error", "utc na", "utc google", "tag manager", "gtmw2vn2cq", "utc dc9849921", "utc dc685973", "utc g12r1dx1lx7", "utc aw647962234", "utc aw2761768", "utc aw685973", "verizon business", "verizon for business", "verizon business account", "verizon business phone", "verizon wireless for business", "verizon business service", "verizon business plan", "business internet services", "learn", "gartner", "contact", "find", "discover", "support", "close log", "shop", "upgrade", "small", "voice", "chat", "mitre attack", "network info", "program", "html page", "t1055 process", "overview", "processes extra", "overview zenbox", "verdict", "guest system", "phishing", "next", "ver2", "msclkidn", "utc amazon", "analytics na", "utc bing", "vids1", "vids0", "gdlname" ], "references": [ "https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737365&Signature=S%2B7RcHYjab1hbKlKwFfvUbDirFPJS1A2TJQ3bVIObMcON4PD9pRDvhMtYMCnEBrYsICi0UJCFW5eUDolL5Jlbngsc587kF36vvuhlkPprbkSOY1jOyDTpe3Qsb6jRFz3xwOfZc9S5QervoLnRKb%2FyGSyZE6ZK6TxzBrOPczPtZ7sLf9NfD6E%2B2gMRXaRjEqVwVITLG7YqCiiNuohFOuNlK3uNHFpIk53viKvBSAIqLtSklH9bHW4q1DX", "https://www.verizon.com/business/", "https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737710&Signature=fbsokraSd7lsYmUfaTEl8Phs2K3hp7AtVmQU9axeEBcYmYbrrYrrfpP5lPEQaE%2Fh3%2BEP9Rn8mD8D1haqQVXCN0VVlxJ4sddjWmyC5USsgBsvUb0%2F72h1WHDS2KXHlteZWE%2Bauckabain9D5kX501AnqFY38s77OIqO6SMOkQ%2BvXiDSSRK%2FZhbfradBnei3ZLHsXGxkoshTyvB0%2BC%2F8SiUzdVsqSjik0Bn2r%2BIlLpDQK90GlZTD0N" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "URL": 772, "hostname": 706, "domain": 875, "FileHash-SHA256": 2348, "FileHash-MD5": 2237, "FileHash-SHA1": 2260, "CVE": 1, "email": 9 }, "indicator_count": 9208, "is_author": false, "is_subscribing": null, "subscriber_count": 67, "modified_text": "22 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d4f2dd828bbf0ac5efaa23", "name": "VirusTotal report\n for sample.crx", "description": "A small sample of malware has been identified by researchers at the University of Oregon in the US, and the results are published on the web, as well as on Google's Chrome extension and other sites.", "modified": "2026-05-07T12:05:50.774000", "created": "2026-04-07T12:04:44.957000", "tags": [ "file type", "json", "ascii text", "png image", "crlf line", "ascii", "rgba", "unicode text", "utf8 text", "defense evasion", "malicious" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 1, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 668, "FileHash-MD5": 668, "FileHash-SHA1": 675, "URL": 153, "domain": 230, "hostname": 177, "email": 2 }, "indicator_count": 2573, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "24 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d4f2db0b3448671adcce16", "name": "VirusTotal report\n for sample.crx", "description": "A small sample of malware has been identified by researchers at the University of Oregon in the US, and the results are published on the web, as well as on Google's Chrome extension and other sites.", "modified": "2026-05-07T12:05:50.774000", "created": "2026-04-07T12:04:43.156000", "tags": [ "file type", "json", "ascii text", "png image", "crlf line", "ascii", "rgba", "unicode text", "utf8 text", "defense evasion", "malicious" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 668, "FileHash-MD5": 668, "FileHash-SHA1": 675, "URL": 153, "domain": 230, "hostname": 177, "email": 2 }, "indicator_count": 2573, "is_author": false, "is_subscribing": null, "subscriber_count": 68, "modified_text": "24 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69d4f2d9ce86a445b484593b", "name": "VirusTotal report\n for sample.crx", "description": "A small sample of malware has been identified by researchers at the University of Oregon in the US, and the results are published on the web, as well as on Google's Chrome extension and other sites.", "modified": "2026-05-07T12:05:50.774000", "created": "2026-04-07T12:04:41.097000", "tags": [ "file type", "json", "ascii text", "png image", "crlf line", "ascii", "rgba", "unicode text", "utf8 text", "defense evasion", "malicious" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1071", "name": "Application Layer Protocol", "display_name": "T1071 - Application Layer Protocol" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1095", "name": "Non-Application Layer Protocol", "display_name": "T1095 - Non-Application Layer Protocol" }, { "id": "T1574", "name": "Hijack Execution Flow", "display_name": "T1574 - Hijack Execution Flow" }, { "id": "T1497", "name": "Virtualization/Sandbox Evasion", "display_name": "T1497 - Virtualization/Sandbox Evasion" }, { "id": "T1518", "name": "Software Discovery", "display_name": "T1518 - Software Discovery" }, { "id": "T1562", "name": "Impair Defenses", "display_name": "T1562 - Impair Defenses" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "msudosos", "id": "381696", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 668, "FileHash-MD5": 668, "FileHash-SHA1": 675, "URL": 153, "domain": 230, "hostname": 177, "email": 2 }, "indicator_count": 2573, "is_author": false, "is_subscribing": null, "subscriber_count": 67, "modified_text": "24 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "data.name", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "data.name", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780236439.3135657 }