# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Note: Continuation of /maltrail/trails/static/malware/cobaltstrike.txt
# Note: Continuation of /maltrail/trails/static/malware/cobaltstrike-1.txt

# Reference: https://twitter.com/drb_ra/status/1599153233766645761

47.106.91.17:9999

# Reference: https://twitter.com/drb_ra/status/1599153269007388672

139.224.56.137:443

# Reference: https://twitter.com/drb_ra/status/1599154335899951104

101.34.36.50:1111

# Reference: https://twitter.com/drb_ra/status/1599154659259826177

service-ltxn64q7-1259697681.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599154785822953475

redirector.drwatson.workers.dev

# Reference: https://twitter.com/drb_ra/status/1599155689317769216

1.12.48.210:50000

# Reference: https://twitter.com/drb_ra/status/1599159295710568448

45.124.112.142:86
zsqiji.com
jh.zsqiji.com

# Reference: https://twitter.com/drb_ra/status/1599159873513701376

prodevline.com

# Reference: https://twitter.com/drb_ra/status/1599160112802832386

5.199.168.212:8080
bradleysair.com
sso.bradleysair.com

# Reference: https://twitter.com/drb_ra/status/1599160176703053824

http://103.100.210.43

# Reference: https://twitter.com/drb_ra/status/1599243501413302273

13.39.17.109:443

# Reference: https://twitter.com/drb_ra/status/1599243549622550529

5.199.168.212:8443

# Reference: https://twitter.com/drb_ra/status/1599243685002199040

47.242.204.243:4444

# Reference: https://twitter.com/drb_ra/status/1599243728106971137

service-i0k34aj0-1306743016.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599243774001127426

23.224.70.156:443

# Reference: https://twitter.com/drb_ra/status/1599243829458403329

40.77.54.32:443

# Reference: https://twitter.com/drb_ra/status/1599244178621349890

http://23.224.42.37
/acquire/premiere/SPFYYI1KSXE
/premiere/SPFYYI1KSXE
/SPFYYI1KSXE

# Reference: https://twitter.com/drb_ra/status/1599244288054935553

114.116.101.84:89

# Reference: https://twitter.com/drb_ra/status/1599244491503828992
# Reference: https://twitter.com/drb_ra/status/1599244933600272384
# Reference: https://twitter.com/drb_ra/status/1599245267601072129

23.224.70.154:443
23.224.70.155:443
23.224.70.157:443
23.224.70.158:443

# Reference: https://twitter.com/drb_ra/status/1599244544008142850

45.136.14.80:17001

# Reference: https://twitter.com/drb_ra/status/1599244728041611265

http://45.63.127.253

# Reference: https://twitter.com/drb_ra/status/1599245339290214400

18.133.158.108:443

# Reference: https://www.virustotal.com/gui/file/ec64a8f8d13824ffea88c857f4fb394d571364504a754b175040821ef3e0e752/detection

virtualpoolnet.com
mega.virtualpoolnet.com

# Reference: https://twitter.com/drb_ra/status/1599402130212851715

45.154.12.201:8443

# Reference: https://twitter.com/drb_ra/status/1599402207845273601

23.160.193.126:8000

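# Reference: https://github.com/conexioninversa/MalwareIntel/blob/main/C2_All.txt
# Note (review): http://185.199.110.133 in the list below falls within GitHub's 185.199.108.0/22 range, which serves content for many unrelated users. Matching on the bare IP is likely to produce false positives - verify against the reference before relying on this entry.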

http://1.12.218.174
http://101.42.27.149
http://103.145.23.11
http://106.13.54.144
http://107.189.13.130
http://107.189.3.56
http://107.189.4.164
http://107.189.7.248
http://109.172.45.28
http://117.78.21.33
http://124.220.49.47
http://124.222.77.10
http://143.198.173.163
http://144.172.118.74
http://152.136.12.64
http://182.61.139.132
http://185.174.172.221
http://185.199.110.133
http://193.149.185.214
http://194.135.24.242
http://194.135.24.250
http://20.204.47.86
http://205.185.114.97
http://209.141.43.107
http://212.113.106.118
http://23.227.202.188
http://23.29.115.190
http://31.44.184.74
http://35.89.195.215
http://38.6.155.73
http://43.139.241.58
http://49.232.34.39
http://49.234.137.223
http://5.8.18.112
http://54.173.59.51
http://77.73.131.173
http://77.73.131.6
http://77.73.133.116
http://77.73.134.23
http://77.73.134.51
http://79.137.248.24
http://81.68.75.45
http://81.71.45.160
http://82.157.110.128
1.14.107.106:4433
1.15.225.244:443
101.34.240.79:443
101.35.198.64:443
101.43.240.159:801
103.149.200.79:9530
103.43.12.106:443
103.43.12.107:443
103.43.12.109:443
103.71.153.157:8443
104.168.11.90:8443
107.148.53.252:801
107.189.1.15:443
107.189.5.117:443
107.189.6.84:443
107.189.7.248:443
109.206.241.183:443
110.41.131.105:5555
120.25.178.170:443
121.199.166.58:8888
121.40.127.134:443
121.41.108.155:800
121.41.96.3:443
121.46.6.208:443
124.221.89.144:443
124.222.125.194:4433
124.223.45.180:443
124.70.130.70:2222
125.124.127.206:8001
137.184.49.135:443
138.197.0.238:443
138.68.129.139:443
139.196.200.179:50000
139.59.181.36:443
139.59.9.6:443
143.198.173.163:443
144.172.118.86:443
146.190.164.193:443
154.209.82.138:443
159.89.113.109:443
162.14.68.74:443
162.14.70.5:443
162.33.177.42:443
163.197.249.73:8888
172.96.141.20:443
175.178.243.43:2087
176.113.115.101:443
176.113.115.103:443
179.43.142.137:443
179.43.154.155:443
18.177.125.154:443
18.181.9.176:443
182.92.67.97:8443
185.130.45.243:443
188.166.16.172:443
192.3.251.157:443
194.135.24.250:443
194.165.16.83:443
195.133.53.186:8080
195.178.120.143:5000
198.98.50.31:443
198.98.55.58:443
20.119.67.107:4433
20.157.215.80:443
20.55.77.132:443
20.90.90.172:443
205.185.114.97:443
205.185.119.170:443
205.185.121.78:443
206.119.81.220:8443
207.148.74.55:443
209.141.41.151:443
209.141.47.99:443
209.141.54.116:443
212.113.106.118:443
216.240.130.72:443
216.70.80.16:8099
23.227.202.188:443
23.227.203.14:443
3.65.42.215:443
3.70.34.175:443
34.28.222.48:443
35.74.29.162:443
39.98.50.48:8099
42.193.139.221:10001
43.139.156.186:443
43.142.176.16:443
43.143.130.125:8809
43.143.195.119:2121
45.227.252.253:443
45.61.185.16:443
45.61.187.242:443
47.242.207.14:444
47.242.63.91:443
47.243.200.118:443
47.95.149.125:90
47.96.156.250:4445
49.232.191.102:443
5.188.86.196:443
51.91.100.41:443
54.87.226.90:443
54.92.103.160:443
58.64.193.172:4443
68.233.238.123:443
69.12.89.251:8443
77.73.131.173:443
77.73.131.193:443
77.73.134.23:8443
77.73.134.51:443
8.222.133.128:443
81.68.75.45:443
81.71.8.186:6666
82.157.8.217:5555
84.32.128.237:443
84.32.188.156:443
84.32.190.100:443
84.32.190.139:443
85.209.135.73:443
86.106.87.152:443
88.218.192.251:443
91.245.254.116:443
93.95.229.225:443

# Reference: https://twitter.com/drb_ra/status/1599493719702573056

154.7.64.12:8043

# Reference: https://twitter.com/drb_ra/status/1599494034095046665

185.180.223.126:8084

# Reference: https://twitter.com/drb_ra/status/1599494492159107073

194.165.16.53:4444

# Reference: https://twitter.com/drb_ra/status/1599495516001386497

finance.rapidfinact.com

# Reference: https://twitter.com/drb_ra/status/1599495644326010883

http://195.189.96.218

# Reference: https://twitter.com/drb_ra/status/1599495973138567168

139.196.47.225:809

# Reference: https://twitter.com/drb_ra/status/1599497569901608963

107.173.122.167:443

# Reference: https://twitter.com/drb_ra/status/1599498367725436928

esoftwareupdates.com

# Reference: https://twitter.com/drb_ra/status/1599498703634571265

service-fmbftrxi-1314507962.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599498795603173376

163.197.43.157:5678

# Reference: https://twitter.com/James_inthe_box/status/1599787857467834368
# Reference: https://app.any.run/tasks/1c4af7b8-813b-4fda-9d66-a105288a37de/

http://165.22.48.183

# Reference: https://twitter.com/drb_ra/status/1599586273370558464

45.32.233.211:8080

# Reference: https://twitter.com/drb_ra/status/1599586360662396930

47.99.110.68:81

# Reference: https://twitter.com/drb_ra/status/1599587043667058688
# Reference: https://www.virustotal.com/gui/file/ef2636f88cde3f0362cebd168c9793735c7df4d22f34652f0e6ce8e87e881c79/detection

arrenal.com
team.arrenal.com

# Reference: https://twitter.com/drb_ra/status/1599587406872805376

35.90.121.211:30002

# Reference: https://twitter.com/drb_ra/status/1599587431682113537

179.60.150.99:443

# Reference: https://twitter.com/drb_ra/status/1599587487881592833

120.78.216.232:443

# Reference: https://twitter.com/drb_ra/status/1599587554168377345

http://124.71.143.78

# Reference: https://twitter.com/drb_ra/status/1599587589765435392

http://45.76.37.42

# Reference: https://twitter.com/drb_ra/status/1599587737887281153

d232xh9rapx5ux.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1599587824692494337

45.94.40.7:8045

# Reference: https://twitter.com/drb_ra/status/1599729174167576576

service-kuy5z66l-1308290351.bj.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599730169400410112

http://179.43.142.47

# Reference: https://twitter.com/drb_ra/status/1599731054000148483

service-fa7um5z4-1314640586.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599731391712960513

http://81.68.175.191

# Reference: https://twitter.com/drb_ra/status/1599731754755100672

teamelite-ck.info

# Reference: https://twitter.com/drb_ra/status/1599731813425061893

173.82.159.59:8443
cloudf1are.tk

# Reference: https://twitter.com/drb_ra/status/1599732463315607552

http://45.32.233.211
http://45.76.37.42

# Reference: https://twitter.com/drb_ra/status/1599732776374341632

20.26.247.136:443

# Reference: https://twitter.com/drb_ra/status/1599733050572787713

104.238.220.108:443
23.108.57.77:443

# Reference: https://twitter.com/drb_ra/status/1599733100321599488

120.26.240.21:4433

# Reference: https://twitter.com/drb_ra/status/1599733234744664064

http://93.115.27.11

# Reference: https://twitter.com/drb_ra/status/1599733368199020550

47.103.42.161:8087

# Reference: https://twitter.com/drb_ra/status/1599737065054392321

144.48.240.104:8081

# Reference: https://twitter.com/drb_ra/status/1599737232629301248

8.131.94.164:4443

# Reference: https://twitter.com/drb_ra/status/1599746840538251265

49.232.34.39:8080

# Reference: https://twitter.com/drb_ra/status/1599746895097782272
# Reference: https://twitter.com/drb_ra/status/1599749208139075587

43.139.69.104:8443
43.139.69.104:8880
360se.publicvm.com
service-7tllas30-1313419091.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599748251619672064

170.64.148.19:443

# Reference: https://twitter.com/drb_ra/status/1599847319033315329

51.210.243.38:8087

# Reference: https://twitter.com/drb_ra/status/1599847445650964480

wa1.ink

# Reference: https://twitter.com/drb_ra/status/1599847478949470208

49.0.192.16:8080

# Reference: https://twitter.com/drb_ra/status/1599847586713767953

http://175.178.191.210

# Reference: https://twitter.com/drb_ra/status/1599847784332550144

http://47.108.180.121

# Reference: https://twitter.com/drb_ra/status/1599847950812864512

test.227api.com

# Reference: https://twitter.com/drb_ra/status/1599848319022518274

service-bny5eh7w-1309094654.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599848462505414666

107.148.201.50:40001

# Reference: https://twitter.com/drb_ra/status/1599848596265963538

114.115.160.181:8848

# Reference: https://twitter.com/cobaltstrikebot/status/1599505502110908418
# Reference: https://twitter.com/drb_ra/status/1600302023123107843

43.139.129.211:4433
sf-express.store

# Reference: https://www.virustotal.com/gui/file/02eca3440338a1bc8f2396959550b11c3ae000571a43efd0a2ad2db29b57196b/detection

http://43.139.215.184

# Reference: https://twitter.com/drb_ra/status/1599883742046216202

82.157.171.28:443

# Reference: https://twitter.com/drb_ra/status/1599889460681908229

43.156.25.232:6666

# Reference: https://twitter.com/drb_ra/status/1599890065001422852

http://103.146.158.251
dchu2u.com

# Reference: https://twitter.com/drb_ra/status/1599965990850371586

38.60.8.235:8080

# Reference: https://twitter.com/drb_ra/status/1599966255741636610

38.6.231.116:4444

# Reference: https://twitter.com/drb_ra/status/1599966528761479168

23.94.40.43:7777

# Reference: https://twitter.com/drb_ra/status/1599966946992209920

43.143.237.87:443

# Reference: https://twitter.com/drb_ra/status/1599967055557574657

198.244.224.68:9043

# Reference: https://twitter.com/drb_ra/status/1599967483838009344

googlecontentuser.com

# Reference: https://twitter.com/drb_ra/status/1599967616885555206

34.124.155.137:8088

# Reference: https://twitter.com/drb_ra/status/1600088195714240512

service-0sj91cuc-1257589019.hk.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1600505133166632964

20.106.98.142:2096
googleupdatetk.com

# Reference: https://twitter.com/drb_ra/status/1600088710040674306

47.103.42.161:8088

# Reference: https://twitter.com/drb_ra/status/1600089207917187074

170.178.211.194:2053
bandu-img.tk
img.bandu-img.tk

# Reference: https://twitter.com/drb_ra/status/1600089245720481794

124.222.54.25:443

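# Reference: https://twitter.com/drb_ra/status/1600092498793316352
# Note (review): the two hostnames below differ in the spelling of their parent domain (intlsdcn.com vs intlscdn.com). Confirm against the reference that both spellings are intended and neither is a transcription error.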

754xneyq.slt.sched.intlsdcn.com
bc46l49k.slt.sched.intlscdn.com

# Reference: https://twitter.com/drb_ra/status/1600110774667677698

36.26.80.93:8888

# Reference: https://twitter.com/drb_ra/status/1600134779478966273

360se.line.pm

# Reference: https://twitter.com/drb_ra/status/1600134848559079424

39.104.165.139:81

# Reference: https://twitter.com/drb_ra/status/1600135475309715459

http://18.192.11.175

# Reference: https://twitter.com/drb_ra/status/1600136962769358851

charismaticilok.com

# Reference: https://twitter.com/drb_ra/status/1600243700440915989

101.43.139.124:2580

# Reference: https://twitter.com/drb_ra/status/1600330978995699715

texasflooddesign.com
/test/v4.2/O7J94ZCC
/v4.2/O7J94ZCC
/O7J94ZCC

# Reference: https://twitter.com/drb_ra/status/1600331208377995264

51.210.243.38:6969

# Reference: https://twitter.com/drb_ra/status/1600331240707596288

ramdd.com

# Reference: https://twitter.com/drb_ra/status/1600331324140802049

172.96.188.33:443

# Reference: https://twitter.com/drb_ra/status/1600331473525022720

tobinwimkin.host

# Reference: https://twitter.com/drb_ra/status/1600331599324893186

47.243.31.34:2086
baidus.top
pay.baidus.top

# Reference: https://twitter.com/drb_ra/status/1600331695344984067

credit-assist.azurewebsites.net

# Reference: https://twitter.com/drb_ra/status/1600332145364443141
# Reference: https://www.virustotal.com/gui/file/fff56f2a40dd133d90e0b402f1044115aa13ec099f56ce1eb32a7928903d708b/detection
# Reference: https://www.virustotal.com/gui/file/7191a5356ea8c6e9c6ce7c32efb5207af4960fd1cce3e107b169e39523de51ac/detection
# Reference: https://www.virustotal.com/gui/file/337e69e9acf5be05149326526f8b4d9e1feab0f0143013afc8bd6332e9414fec/detection
# Reference: https://www.virustotal.com/gui/file/21ee6140947a10454bf6d1ef8e3b2aa2cd2a1aadbfa07d451439f7d262413166/detection

103.131.189.20:8443
edgeupdatem.services
edgexml.edgeupdatem.services
update.edgeupdatem.services

# Reference: https://twitter.com/drb_ra/status/1600332186506465283

124.156.11.146:9999

# Reference: https://twitter.com/drb_ra/status/1600332269121593345

34.96.195.216:8033

# Reference: https://twitter.com/drb_ra/status/1600332317381230592

179.43.142.90:8081

# Reference: https://twitter.com/drb_ra/status/1600332537271828480

35.92.32.1:8086

# Reference: https://twitter.com/drb_ra/status/1600332964985970689

13.41.229.142:443

# Reference: https://twitter.com/drb_ra/status/1600333007382085634

152.89.196.33:445

# Reference: https://twitter.com/drb_ra/status/1600473928237027328

120.48.31.168:443

# Reference: https://twitter.com/drb_ra/status/1600504416788004865

106.12.148.10:8883

# Reference: https://twitter.com/drb_ra/status/1600504879881113600

101.33.232.139:2222

# Reference: https://twitter.com/drb_ra/status/1600505821892415490

/retrieve/analyse/QJQQ4QZ76WZ
/analyse/QJQQ4QZ76WZ
/QJQQ4QZ76WZ

# Reference: https://twitter.com/drb_ra/status/1600506931734626308

173.82.212.78:443

# Reference: https://twitter.com/drb_ra/status/1600507128376168454

http://120.48.31.168

# Reference: https://twitter.com/drb_ra/status/1600507307510611971

43.143.19.165:8080

# Reference: https://twitter.com/drb_ra/status/1600507506324905991

8.142.171.59:25565

# Reference: https://twitter.com/drb_ra/status/1600508517911257091

8.134.90.91:6666

# Reference: https://twitter.com/drb_ra/status/1600509003683053574

124.222.203.214:8080

# Reference: https://twitter.com/drb_ra/status/1600511065590308872

http://85.208.136.223

# Reference: https://twitter.com/drb_ra/status/1600513368263196672

8.141.161.11:5555

# Reference: https://twitter.com/drb_ra/status/1600514131102208002

vgflab.de

# Reference: https://twitter.com/drb_ra/status/1600514743151779842

2022.gx.hvv.gxhw.work

# Reference: https://twitter.com/drb_ra/status/1600514780778954753

http://172.104.191.136
http://3.227.3.182

# Reference: https://twitter.com/drb_ra/status/1600515549250949124

http://8.134.155.21

# Reference: https://twitter.com/drb_ra/status/1600515589398732803

1.117.141.120:2222

# Reference: https://twitter.com/drb_ra/status/1600516167428444163

121.36.165.78:443

# Reference: https://twitter.com/drb_ra/status/1600516290480930816

116.251.216.137:443

# Reference: https://twitter.com/drb_ra/status/1600516736222117891

svchost20221206.ddnsfree.com

# Reference: https://twitter.com/drb_ra/status/1600517837226971136

8.134.155.21:443

# Reference: https://twitter.com/drb_ra/status/1600569969820975117

http://180.76.146.71

# Reference: https://twitter.com/drb_ra/status/1600574424901632003

d3ktcnc1w6pd1f.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1600577792197935124

america.azurewebsites.net

# Reference: https://twitter.com/drb_ra/status/1600582266958266391

43.154.27.211:8880
microsofer.top

# Reference: https://twitter.com/drb_ra/status/1600584883583291394

91.240.118.207:82

# Reference: https://twitter.com/drb_ra/status/1600590593792557058

185.239.226.16:8088

# Reference: https://twitter.com/drb_ra/status/1600591008181501955

185.216.71.178:4413

# Reference: https://twitter.com/drb_ra/status/1600591115157213186
# Reference: https://twitter.com/drb_ra/status/1600597141092765724

http://139.177.146.61
139.177.146.61:443

# Reference: https://twitter.com/drb_ra/status/1600591652049063939

157.245.50.113:443

# Reference: https://github.com/pan-unit42/tweets/blob/master/2022-12-07-IOCs-for-Bumblebee-infection-with-Cobalt-Strike.txt

ceyuvigi.com

# Reference: https://twitter.com/drb_ra/status/1600593469839446036

certindia.cf

# Reference: https://twitter.com/drb_ra/status/1600594040239624215

defend.rapidfinact.com
/contact/v5.74/ISNBCWPYQZP
/v5.74/ISNBCWPYQZP
/ISNBCWPYQZP

# Reference: https://twitter.com/drb_ra/status/1600594073429151749

googlecloudsvcs.com
/owa/iS0FOUoc0R1nWN7Fmhh3KgO9mFyhiv0hEitEO3AeyfyT
/iS0FOUoc0R1nWN7Fmhh3KgO9mFyhiv0hEitEO3AeyfyT

# Reference: https://twitter.com/drb_ra/status/1600594213523128321

198.44.132.153:8080

# Reference: https://twitter.com/drb_ra/status/1600594468503228450

http://43.140.251.169

# Reference: https://twitter.com/drb_ra/status/1600594948751036419

179.43.142.32:8081
179.43.142.35:8081
179.43.142.90:8081

# Reference: https://twitter.com/drb_ra/status/1600595967170039813

179.43.142.32:8082
179.43.142.35:8082
179.43.142.90:8082

# Reference: https://twitter.com/drb_ra/status/1600595380797902870

51.222.200.10:443

# Reference: https://twitter.com/drb_ra/status/1600595712995168257

91.240.118.218:8093

# Reference: https://twitter.com/drb_ra/status/1600596352618168321

sercieupdn.host
/change/shtml/X4XL95PABD8
/shtml/X4XL95PABD8
/X4XL95PABD8

# Reference: https://twitter.com/drb_ra/status/1600624959033905153

d2idc6pw30xvpl.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1600631563758206977

1.15.243.154:50005

# Reference: https://twitter.com/drb_ra/status/1600632833386680320

1.13.14.225:443

# Reference: https://twitter.com/drb_ra/status/1600657126086643713

3.14.15.220:443

# Reference: https://twitter.com/drb_ra/status/1600657542056710146

http://43.143.81.59

# Reference: https://twitter.com/drb_ra/status/1600658452598165507

45.32.239.191:445

# Reference: https://twitter.com/drb_ra/status/1600666255790325762

49.233.0.40:8443

# Reference: https://twitter.com/drb_ra/status/1600666280989687810

/Register/environ/L36WHWK1
/environ/L36WHWK1
/L36WHWK1

# Reference: https://twitter.com/drb_ra/status/1600666653381038083

service-a7xtku4n-1252123187.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1600806949867737093

23.106.124.188:801

# Reference: https://twitter.com/drb_ra/status/1600817738414538752

172.96.141.10:8443

# Reference: https://twitter.com/drb_ra/status/1600817821835055104

http://47.101.129.148

# Reference: https://twitter.com/drb_ra/status/1600818639011184640

43.143.81.59:443

# Reference: https://twitter.com/malware_traffic/status/1600946023165480960
# Reference: https://www.virustotal.com/gui/file/aca5df1c030674df2a2951643483c0eca05333dcb1392411f978ae625c269a7e/detection

pejapezey.com

# Reference: https://twitter.com/malware_traffic/status/1600933614531010561
# Reference: https://www.virustotal.com/gui/file/6913e5bc7b24e715cc1873522a6442a837cc74b487a10c3bf6f512a7e25e3d4d/detection

aloyadakmashin.com

# Reference: https://twitter.com/malware_traffic/status/1600953451940556801

netlifetown.com

# Reference: https://twitter.com/drb_ra/status/1600952999261642761

web.granapo.com.global.prod.fastly.net

# Reference: https://twitter.com/drb_ra/status/1600954465992974349

107.148.129.129:1433

# Reference: https://twitter.com/drb_ra/status/1600955943658856464

96.45.163.191:8087

# Reference: https://twitter.com/drb_ra/status/1600956395062435866

74.120.169.91:443

# Reference: https://twitter.com/drb_ra/status/1600956708674740244

176.113.115.3:8080

# Reference: https://twitter.com/drb_ra/status/1600956832444456978

139.177.146.61:88

# Reference: https://twitter.com/drb_ra/status/1600957028737884169

137.220.232.89:443

# Reference: https://twitter.com/drb_ra/status/1600957360905789450

103.234.72.11:18877

# Reference: https://twitter.com/drb_ra/status/1600957522826895382

86.106.74.59:54943

# Reference: https://twitter.com/drb_ra/status/1600957618415083546

http://74.120.169.91

# Reference: https://twitter.com/drb_ra/status/1600957674291601442

103.234.72.142:86

# Reference: https://twitter.com/drb_ra/status/1600972682480308243

e.17500.cn

# Reference: https://twitter.com/drb_ra/status/1600972709579706387

cdn-file.midiwo.com

# Reference: https://twitter.com/drb_ra/status/1600972738411352068

cdn-file.joyfartech.com

# Reference: https://twitter.com/drb_ra/status/1600972744140771339

s1.kagirl.cn

# Reference: https://twitter.com/drb_ra/status/1600973831123992576

http://4.228.65.217

# Reference: https://twitter.com/drb_ra/status/1600974138985832448

18.166.178.144:60000

# Reference: https://twitter.com/MichalKoczwara/status/1601179780480610304

116.62.179.202:8000

# Reference: https://twitter.com/drb_ra/status/1601178264449474562

bin.hik.icu

# Reference: https://twitter.com/drb_ra/status/1601178411984109568

205.185.115.71:443

# Reference: https://twitter.com/drb_ra/status/1601178537435840512

43.140.251.169:443

# Reference: https://twitter.com/drb_ra/status/1601179053641408512

43.139.18.81:7777

# Reference: https://twitter.com/drb_ra/status/1601180471874002945

179.43.142.47:10443

# Reference: https://twitter.com/drb_ra/status/1601181014549725184

43.159.38.188:5801
/CWoNaJLBo/VTNeWw11212/
/CWoNaJLBo/
/VTNeWw11212/

# Reference: https://twitter.com/drb_ra/status/1601227015293747201

43.249.9.15:9000

# Reference: https://twitter.com/drb_ra/status/1601227121346625537

103.231.254.188:4444

# Reference: https://twitter.com/drb_ra/status/1601227312632061953

43.142.77.246:10014

# Reference: https://twitter.com/drb_ra/status/1601227373990617088

39.99.152.41:443

# Reference: https://twitter.com/drb_ra/status/1601228025286246405

82.157.136.219:81

# Reference: https://twitter.com/drb_ra/status/1601228575969054725

pen28sja1.tk
cs.pen28sja1.tk

# Reference: https://twitter.com/drb_ra/status/1601228849412509696

service-aqum5s30-1308454369.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1601304872468578306

195.123.225.163:443

# Reference: https://twitter.com/drb_ra/status/1601304987530936322

expoglobalservice.com

# Reference: https://twitter.com/drb_ra/status/1601305191722147847

103.135.249.159:443

# Reference: https://twitter.com/drb_ra/status/1601305253281931271

137.220.232.89:81

# Reference: https://twitter.com/drb_ra/status/1601305396744015873

207.246.112.192:4433

# Reference: https://twitter.com/drb_ra/status/1601305477350100993

77.73.134.36:8080

# Reference: https://twitter.com/drb_ra/status/1601305518483578882

http://155.94.151.195

# Reference: https://twitter.com/drb_ra/status/1601305742799142915

134.122.0.158:443

# Reference: https://twitter.com/drb_ra/status/1601306001541586944

194.49.94.254:10087

# Reference: https://twitter.com/drb_ra/status/1601306817346297859

192.241.142.215:443

# Reference: https://twitter.com/drb_ra/status/1601307439365775361

179.43.142.35:8082

# Reference: https://twitter.com/drb_ra/status/1601307970385625090

47.242.74.51:8989

# Reference: https://twitter.com/drb_ra/status/1601308254377738241

124.71.84.65:443

# Reference: https://twitter.com/drb_ra/status/1601308570187960323

98.142.254.15:8080
latinacorinne.com
sso.latinacorinne.com

# Reference: https://twitter.com/drb_ra/status/1601308993351188482

103.149.200.79:9529
attck.top

# Reference: https://twitter.com/drb_ra/status/1601328963531546627

175.178.243.43:2052

# Reference: https://twitter.com/drb_ra/status/1601332498214051845

http://81.70.152.197

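# Reference: https://twitter.com/drb_ra/status/1601332902100353024
# Note (review): 104.21.54.192 and 172.67.141.87 fall within Cloudflare's published edge ranges (104.16.0.0/13, 172.64.0.0/13). These addresses front many unrelated sites, so IP:port matches alone may be false positives - prefer the fronted hostname if the reference gives one.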

104.21.54.192:8880
172.67.141.87:8880

# Reference: https://twitter.com/drb_ra/status/1601333105117335554

120.48.71.139:8081

# Reference: https://twitter.com/drb_ra/status/1601355792598310912

47.92.217.197:443

# Reference: https://twitter.com/drb_ra/status/1601355926786670594

23.95.44.36:443

# Reference: https://twitter.com/drb_ra/status/1601356285907292160

http://62.204.41.171

# Reference: https://twitter.com/drb_ra/status/1601356503532929024

164.155.99.102:7777
38.60.36.55:7777

# Reference: https://twitter.com/drb_ra/status/1601483634338316289

http://124.71.84.65

# Reference: https://twitter.com/drb_ra/status/1601484034995097600

173.82.159.59:8443
c1oudflare.tk

# Reference: https://twitter.com/drb_ra/status/1601539981268467714

39.98.67.145:8443

# Reference: https://twitter.com/drb_ra/status/1601540173615058945

104.168.11.90:2096
whereismyip.tk
cdn.whereismyip.tk

# Reference: https://twitter.com/drb_ra/status/1601540305047756800

120.24.183.94:6666

# Reference: https://twitter.com/drb_ra/status/1601543637355175937

/Remove/favorites/KM1DPMDAL
/favorites/KM1DPMDAL
/KM1DPMDAL

# Reference: https://twitter.com/drb_ra/status/1601544438202908679

8.218.99.231:443

# Reference: https://twitter.com/drb_ra/status/1601544493861306370

tender.jkub.com

# Reference: https://twitter.com/drb_ra/status/1601545328897019905

yetiorcvar.cf

# Reference: https://twitter.com/drb_ra/status/1601545634322022404

http://120.78.82.210
/adapt/v7.82/NUA9NH12F2GF
/v7.82/NUA9NH12F2GF
/NUA9NH12F2GF

# Reference: https://twitter.com/drb_ra/status/1601545755038294018

d2xoknzblbbhrj.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1601546791433936900
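# Reference: https://twitter.com/drb_ra/status/1601688760030154752
# Note (review): http://104.21.2.52 and http://172.67.128.185 below fall within Cloudflare's published edge ranges (104.16.0.0/13, 172.64.0.0/13) and are shared by many unrelated sites. The hostname entry in this group is the more specific indicator; treat hits on the bare IPs as low confidence.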

http://104.21.2.52
http://154.209.82.138
http://172.67.128.185
154.209.82.138:81
whatjs.gq

# Reference: https://twitter.com/drb_ra/status/1601568436009766914

18.222.142.185:443

# Reference: https://twitter.com/drb_ra/status/1601569370559463425

129.226.201.214:9999

# Reference: https://twitter.com/drb_ra/status/1601589626300497929

80.85.154.166:443

# Reference: https://twitter.com/drb_ra/status/1601589888897392642

152.136.227.216:9977

# Reference: https://twitter.com/drb_ra/status/1601590056979947521

121.196.165.107:4444

# Reference: https://twitter.com/drb_ra/status/1601590090576322561

http://156.96.62.55

# Reference: https://twitter.com/drb_ra/status/1601590205940748290

service-jaqtuxgu-1256226576.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1601591010391429121

173.82.219.37:8099

# Reference: https://twitter.com/drb_ra/status/1601591699913981953

service-fmbftrxi-1314507962.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1601676854120677376

116.205.228.78:8001

# Reference: https://twitter.com/drb_ra/status/1601676935440248832

164.155.99.102:7777

# Reference: https://twitter.com/drb_ra/status/1601677104059363328
# Reference: https://twitter.com/drb_ra/status/1601677860133081091

103.100.62.176:8443
103.100.62.179:8443
fiashupdate.ga
update.fiashupdate.ga

# Reference: https://twitter.com/drb_ra/status/1601677411409616897

43.138.236.103:443

# Reference: https://twitter.com/drb_ra/status/1601678884126134273

198.46.131.172:443

# Reference: https://twitter.com/drb_ra/status/1601679225555398657

62.204.41.171:443

# Reference: https://twitter.com/drb_ra/status/1601679769006997509

ccce.best

# Reference: https://twitter.com/drb_ra/status/1601679963198988292

172.93.45.162:8443

# Reference: https://twitter.com/drb_ra/status/1601680425952636928

45.200.14.24:8011

# Reference: https://twitter.com/drb_ra/status/1601681442496548872

http://202.146.216.134

# Reference: https://twitter.com/drb_ra/status/1601681833040777218

49.128.198.17:6767

# Reference: https://twitter.com/drb_ra/status/1601690192703680514

service-nhvty71c-1255451648.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1601749038336024577

47.103.42.161:8022

# Reference: https://twitter.com/drb_ra/status/1601750453875867648

81.68.142.187:443

# Reference: https://twitter.com/drb_ra/status/1601782037870006273

23.105.221.97:9999

# Reference: https://twitter.com/drb_ra/status/1601782354959384577
# Reference: https://twitter.com/drb_ra/status/1601783459978133505

43.156.150.242:2095
43.156.150.242:2096

# Reference: https://twitter.com/drb_ra/status/1601783107862011906

16.162.120.141:60001

# Reference: https://twitter.com/drb_ra/status/1601783160697651201

103.233.253.147:8088

# Reference: https://twitter.com/drb_ra/status/1601902467469426688

120.78.82.210:443

# Reference: https://twitter.com/drb_ra/status/1601908316275367936

49.128.198.3:53

# Reference: https://twitter.com/drb_ra/status/1601978476000677890

107.148.129.142:443

# Reference: https://twitter.com/drb_ra/status/1601994022591021056

kaspenskyupdate.com
s15.kaspenskyupdate.com

# Reference: https://twitter.com/drb_ra/status/1602270817265524736
# Reference: https://www.virustotal.com/gui/ip-address/172.67.138.166/relations

omg1.kasperslkyupdate.com
omg2.kasperslkyupdate.com
sn1ff1.kasperslkyupdate.com
sn1ff2.kasperslkyupdate.com

# Reference: https://twitter.com/drb_ra/status/1601995322049413120

91.245.254.116:443

# Reference: https://twitter.com/drb_ra/status/1601997014669180930

125.124.127.206:8001

# Reference: https://twitter.com/drb_ra/status/1601997515863326721

ubds.uk

# Reference: https://twitter.com/drb_ra/status/1601997723573653506

kratomleaf.strangled.net

# Reference: https://twitter.com/drb_ra/status/1601998936151040004

183.57.37.247:6666

# Reference: https://twitter.com/drb_ra/status/1601999651124781057

121.41.108.155:800

# Reference: https://twitter.com/drb_ra/status/1602000210812715012

49.234.19.234:8089

# Reference: https://twitter.com/drb_ra/status/1602001170498715649

183.57.37.247:8080

# Reference: https://twitter.com/drb_ra/status/1602054296010383360

85.209.135.49:443

# Reference: https://twitter.com/drb_ra/status/1602055100129628160

service-bzzkyay3-1304672019.bj.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1602055425569988608

185.246.221.111:8081

# Reference: https://twitter.com/drb_ra/status/1602055945613447168

155.94.156.132:10011

# Reference: https://twitter.com/drb_ra/status/1602060175594094592
# Reference: https://twitter.com/drb_ra/status/1602060501063811073

http://54.199.163.150
54.199.163.150:443

# Reference: https://twitter.com/drb_ra/status/1602115611508850689

conhoosst.com
as.conhoosst.com
qw.conhoosst.com
zx.conhoosst.com

# Reference: https://twitter.com/drb_ra/status/1602133345630134272

124.220.151.246:8443

# Reference: https://twitter.com/drb_ra/status/1602133671842091008

45.152.67.162:6443

# Reference: https://twitter.com/drb_ra/status/1602133929464668160

http://43.155.140.117

# Reference: https://twitter.com/drb_ra/status/1602133987379535879

66.94.122.94:8443

# Reference: https://twitter.com/drb_ra/status/1602134006694387712

85.117.235.185:8089

# Reference: https://twitter.com/drb_ra/status/1602134033068134401

43.128.66.61:443

# Reference: https://twitter.com/drb_ra/status/1602134228132577280

45.139.105.143:8083

# Reference: https://twitter.com/drb_ra/status/1602232670943154178

23.152.0.171:8080

# Reference: https://twitter.com/drb_ra/status/1602237948753321984

47.92.95.200:443

# Reference: https://twitter.com/drb_ra/status/1602267549537796096
# Reference: https://twitter.com/drb_ra/status/1602273393067302912

http://47.104.195.224
47.104.195.224:443

# Reference: https://twitter.com/drb_ra/status/1602267686502891520

83.217.11.6:8443

# Reference: https://twitter.com/drb_ra/status/1602271522269401088

http://47.100.180.46

# Reference: https://twitter.com/drb_ra/status/1602272312853774338

pabotelidely.tk
managers.pabotelidely.tk

# Reference: https://twitter.com/drb_ra/status/1602273337278963712

18.166.178.144:60000

# Reference: https://twitter.com/drb_ra/status/1602273592250712065

114.132.155.224:1433

# Reference: https://twitter.com/drb_ra/status/1602274034401660932

http://162.14.83.232

# Reference: https://twitter.com/drb_ra/status/1602274191578959873

179.43.142.47:8443

# Reference: https://twitter.com/drb_ra/status/1602301005877723137

dobo78a5jztmu.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1602301725561561090

120.232.254.134:7788

# Reference: https://twitter.com/drb_ra/status/1602302550174228481

82.157.125.21:443

# Reference: https://twitter.com/drb_ra/status/1602335538433884166

45.66.159.41:5556

# Reference: https://twitter.com/drb_ra/status/1602335795452469254

47.97.170.200:8086

# Reference: https://twitter.com/drb_ra/status/1602510048688750594

38.54.17.134:18080

# Reference: https://twitter.com/drb_ra/status/1602510088069054464

103.149.200.79:9530

# Reference: https://twitter.com/drb_ra/status/1602510200623202305

179.60.150.50:443

# Reference: https://twitter.com/drb_ra/status/1602510360703033345

43.128.66.61:8888

# Reference: https://twitter.com/drb_ra/status/1602511299426062336

155.94.156.132:10010

# Reference: https://twitter.com/drb_ra/status/1602511369873592320

3.8.10.84:443

# Reference: https://twitter.com/drb_ra/status/1602511429462118400

124.223.118.87:8077

# Reference: https://twitter.com/drb_ra/status/1602511750741594112

158.247.206.173:443

# Reference: https://twitter.com/drb_ra/status/1602511939887833089

server2077.microsoft-essentials.com

# Reference: https://www.virustotal.com/gui/file/595e6a0132e29481f733885bc0c0b56579a7ef7b097f4fd7c2e9d0bf00f3a69a/detection

165.227.79.69:443

# Reference: https://twitter.com/drb_ra/status/1602511975665352705
# Reference: https://twitter.com/drb_ra/status/1602512298983268352

http://154.39.250.172
http://154.39.250.188
http://154.39.250.4

# Reference: https://twitter.com/drb_ra/status/1602512060650323969

http://107.148.129.142

# Reference: https://twitter.com/drb_ra/status/1602530446415364099

39.105.93.251:44444

# Reference: https://twitter.com/drb_ra/status/1602531337918971904

http://1.117.91.33

# Reference: https://twitter.com/drb_ra/status/1602531999150907393

service-cjgyy59m-1301310284.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1602627826200580098

119.23.229.180:8000

# Reference: https://twitter.com/drb_ra/status/1602628519116275713

69.172.74.52:443

# Reference: https://twitter.com/drb_ra/status/1602629210710867968

counterforce.cc

# Reference: https://twitter.com/drb_ra/status/1602631645454110720

114.132.155.224:443

# Reference: https://twitter.com/drb_ra/status/1602632512748097536

106.12.134.91:777

# Reference: https://twitter.com/drb_ra/status/1602633860969275393

178.18.255.124:443

# Reference: https://twitter.com/drb_ra/status/1602635756824150017

47.92.95.200:8081

# Reference: https://twitter.com/drb_ra/status/1602636188535427072

43.139.69.104:8800

# Reference: https://twitter.com/drb_ra/status/1602636351177908225
# Reference: https://twitter.com/drb_ra/status/1602636578672852993

http://204.44.125.106
204.44.125.106:443

# Reference: https://twitter.com/drb_ra/status/1602687642205884416

1.13.175.57:9090

# Reference: https://twitter.com/drb_ra/status/1602837320855601153

107.174.186.22:5566

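# Reference: https://twitter.com/drb_ra/status/1602867321596526593
# Note: 100.125.39.72 lies in 100.64.0.0/10 (RFC 6598 shared address space) and is not globally routable; it can collide with carrier-grade NAT or internal addressing, so confirm against the reference before alerting on it alone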

100.125.39.72:51891
121.0.111.228:51891

# Reference: https://twitter.com/drb_ra/status/1602867458330791937

http://91.202.5.154
http://91.202.5.155

# Reference: https://twitter.com/drb_ra/status/1602867589583196160

47.242.93.231:8090

# Reference: https://twitter.com/drb_ra/status/1602867660059975680

svcchcost.com
as.svcchcost.com
qw.svcchcost.com
zx.svcchcost.com

# Reference: https://twitter.com/drb_ra/status/1602867767480385537

196.188.171.251:443

# Reference: https://twitter.com/drb_ra/status/1602867909184950274

144.202.34.78:10238

# Reference: https://twitter.com/drb_ra/status/1602868037568397312

118.99.52.8:81

# Reference: https://twitter.com/drb_ra/status/1602868634828816384

43.249.9.15:2233

# Reference: https://twitter.com/drb_ra/status/1602869032025210884

83.217.11.6:8888

# Reference: https://twitter.com/MichalKoczwara/status/1602997501183029249

47.111.139.209:9099

# Reference: https://twitter.com/drb_ra/status/1603019296564723713

193.106.191.208:443

# Reference: https://twitter.com/drb_ra/status/1603019487632048131

http://104.131.4.250

# Reference: https://twitter.com/drb_ra/status/1603020204090466304

http://81.68.219.25

# Reference: https://twitter.com/drb_ra/status/1603020559226388481

http://108.166.206.42

# Reference: https://twitter.com/drb_ra/status/1603020615581159424

194.165.16.90:8888

# Reference: https://twitter.com/drb_ra/status/1603021282001428485

sfimcdnupdate.sf-tech.com.cn.wswebpic.com

# Reference: https://twitter.com/drb_ra/status/1603021730053865473

43.139.139.56:8080

# Reference: https://twitter.com/drb_ra/status/1603023068405940227

101.43.104.60:9999
121.41.128.115:9999

# Reference: https://twitter.com/drb_ra/status/1603023145245491201

49.235.95.50:87

# Reference: https://twitter.com/drb_ra/status/1603023180393848836

39.108.0.113:443

# Reference: https://twitter.com/drb_ra/status/1603023768854695937

5.8.18.112:443

# Reference: https://twitter.com/drb_ra/status/1603024311870160901

77.73.133.84:8443

# Reference: https://twitter.com/drb_ra/status/1603025219110813697

http://43.142.184.130

# Reference: https://twitter.com/drb_ra/status/1603026407084462081

/register/space/FKV1SW8E42
/space/FKV1SW8E42
/FKV1SW8E42

# Reference: https://twitter.com/drb_ra/status/1603028014089981953

tumbleproperty.com
/put/intracorp/XG4VY9UN3
/intracorp/XG4VY9UN3
/XG4VY9UN3

# Reference: https://twitter.com/drb_ra/status/1603030172114075649

114.116.99.27:6666

# Reference: https://twitter.com/drb_ra/status/1603031259785183235

206.119.75.229:443

# Reference: https://twitter.com/drb_ra/status/1603032351444967425

1.14.198.89:8011

# Reference: https://twitter.com/drb_ra/status/1603032435716923392

m1crosoft.xyz
ns.m1crosoft.xyz

# Reference: https://twitter.com/drb_ra/status/1603032930103730180

http://43.142.31.225

# Reference: https://twitter.com/drb_ra/status/1603037531964162055

service-f28fmeum-1256527261.gz.apigw.tencentcs.com

# Reference: https://twitter.com/morimolymoly2/status/1602853090952028160
# Reference: https://www.virustotal.com/gui/file/e7416d41625d8e0391d281ba1c73ecda1dc1e543571f9badfe8ba0776a8e01fa/detection
# Reference: https://www.virustotal.com/gui/file/9d2507cf867f22e1d967fcbc0f429a3dd5334ecb8561febff6813c4476c59534/detection

18.65.162.119:443

# Reference: https://twitter.com/drb_ra/status/1603046341030068227

deyanggov.cf

# Reference: https://twitter.com/drb_ra/status/1603050458507055106

103.36.196.60:1233
nocc.cc

# Reference: https://twitter.com/drb_ra/status/1603055119460974594

http://80.85.154.166

# Reference: https://twitter.com/drb_ra/status/1603067539231326209

1.12.55.126:9988

# Reference: https://twitter.com/KorbenD_Intel/status/1603097779970129920

192.225.226.13:444
configlive.work.gd

# Reference: https://twitter.com/drb_ra/status/1603185614710620162

http://43.205.159.189

# Reference: https://twitter.com/drb_ra/status/1603186560094060545
# Reference: https://twitter.com/drb_ra/status/1603187103256526851

34.221.248.35:8080
34.221.248.35:8443
support-fbi.tk

# Reference: https://twitter.com/drb_ra/status/1603187210697801728

23.224.42.29:443

# Reference: https://twitter.com/drb_ra/status/1603198738729762816

47.100.232.223:443

# Reference: https://twitter.com/drb_ra/status/1603198822905221120

124.222.248.86:20011

# Reference: https://twitter.com/drb_ra/status/1603349604824662016

http://81.70.11.25

# Reference: https://twitter.com/drb_ra/status/1603349988985167872

43.142.60.207:8080

# Reference: https://twitter.com/drb_ra/status/1603350393735503872

124.70.100.184:4567

# Reference: https://twitter.com/drb_ra/status/1603351622247129088

39.98.50.48:9999

# Reference: https://www.virustotal.com/gui/file/38ded8ef84cd8b943b872aa8d8d23414f6e5a6f8d21e7701fa968a8226c2d736/detection
# Reference: https://www.virustotal.com/gui/file/3448110f3cbe194f5b0e0be0c2a417ff187f93f4bdfe051d516aa7b76c6c3c30/detection
# Reference: https://www.virustotal.com/gui/file/b5e5e3d8edd64bae2566c4a942c9352939623c246f33b135f826eb0355451a1e/detection

155.94.163.74:8086
155.94.163.74:8989
/DogCsDogCsDogCs.js

# Reference: https://twitter.com/KorbenD_Intel/status/1603474496849121281

kykyses.com
lyrasafety.com
cdn.lyrasafety.com
23-227-194-86.static.hvvc.us

# Reference: https://twitter.com/drb_ra/status/1603354137508384768

117.50.184.22:7676

# Reference: https://twitter.com/drb_ra/status/1603355269983002624

13.251.35.194:443
/Collect/Press/XPH6TIID3
/Press/XPH6TIID3
/XPH6TIID3

# Reference: https://twitter.com/drb_ra/status/1603414785172901889

http://43.138.178.132
http://43.138.171.18

# Reference: https://twitter.com/drb_ra/status/1603417512720437248

178.128.229.91:8443

# Reference: https://twitter.com/drb_ra/status/1603417987943383041

sunbelt.azureedge.net

# Reference: https://twitter.com/drb_ra/status/1603418985374048257

156.226.22.243:8823

# Reference: https://twitter.com/drb_ra/status/1603420748357451787

185.217.1.30:8080

# Reference: https://twitter.com/drb_ra/status/1603438034741075968

/design/modem/Q2BN7DY75TA
/modem/Q2BN7DY75TA
/Q2BN7DY75TA

# Reference: https://twitter.com/drb_ra/status/1603438086163206144

104.131.4.250:443

# Reference: https://twitter.com/drb_ra/status/1603494355775414276

http://121.5.235.93

# Reference: https://twitter.com/drb_ra/status/1603494452642947072

http://47.92.194.151

# Reference: https://twitter.com/drb_ra/status/1603495458118197256

101.43.188.175:6666

# Reference: https://twitter.com/drb_ra/status/1603495478187941916

217.76.51.196:443

# Reference: https://twitter.com/drb_ra/status/1603496279249674242

rainclv.com
/communicate/font/BXM8R04T
/font/BXM8R04T
/BXM8R04T

# Reference: https://twitter.com/drb_ra/status/1603497289678479363

http://123.57.131.96

# Reference: https://twitter.com/drb_ra/status/1603500936655151105

216.127.189.241:8381

# Reference: https://twitter.com/drb_ra/status/1603502301506928640

103.170.72.243:8443
zhwp.cf
b.zhwp.cf

# Reference: https://twitter.com/drb_ra/status/1603504642821865473

45.192.182.192:443
redshark.cc

# Reference: https://twitter.com/drb_ra/status/1603561572948910080

dllhost.ddnsfree.com

# Reference: https://twitter.com/drb_ra/status/1603561602481094657

150.158.152.94:30001

# Reference: https://twitter.com/drb_ra/status/1603562569939165186

183.57.37.247:6666

# Reference: https://isc.sans.edu/diary/rss/29344
# Reference: https://otx.alienvault.com/pulse/639c251cccbd8ca49a40f4e5

http://199.127.62.132
http://46.4.182.102
http://176.105.202.212
190.61.121.35:443
bukifide.com
kingoflake.com
/adcs4

# Reference: https://twitter.com/drb_ra/status/1603707039804440576

47.242.74.51:7676

# Reference: https://twitter.com/drb_ra/status/1603707077850963969

buy-smart-home.com
/Explode/v9.46/6XA443OHVHK9
/v9.46/6XA443OHVHK9
/6XA443OHVHK9

# Reference: https://twitter.com/drb_ra/status/1603707166837424128

n3wf1nd3r.ga
n3w.n3wf1nd3r.ga

# Reference: https://twitter.com/drb_ra/status/1603707198214914051

51.210.243.38:6969

# Reference: https://twitter.com/drb_ra/status/1603707266192089088

d1jhkwbbq0yo0s.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1603707380658851841

8.212.49.116:2053

# Reference: https://twitter.com/drb_ra/status/1603707654198771713

http://70.34.249.7

# Reference: https://twitter.com/drb_ra/status/1603707706191347713

62.204.41.155:443

# Reference: https://www.virustotal.com/gui/file/5c39ebda58d5cbd9e09eebd022ecc93c92be2e034f5d7a338b68b2ff43a76c56/detection

apt10.team

# Reference: https://twitter.com/malwrhunterteam/status/1603732526270398464
# Reference: https://www.virustotal.com/gui/file/3c3e7bfc845499eef9596e7775c02f19aa6456514d440895f8ff4993d50802ac/detection

218.95.37.218:32654

# Reference: https://twitter.com/drb_ra/status/1603731493276229633

109.94.208.57:8080

# Reference: https://twitter.com/drb_ra/status/1603731597261520896

http://43.142.103.57

# Reference: https://twitter.com/drb_ra/status/1603732577453481984

svchost20221216.ddnsfree.com

# Reference: https://twitter.com/drb_ra/status/1603732727538278400

43.136.128.160:8443
dnehtb.cn

# Reference: https://twitter.com/drb_ra/status/1603771723849023489
# Reference: https://twitter.com/drb_ra/status/1603772003466575874

d.hik.icu
cs.d.hik.icu

# Reference: https://twitter.com/drb_ra/status/1603780234289074182
# Reference: https://twitter.com/drb_ra/status/1603780590007984134

http://195.189.96.208
195.189.96.208:443

# Reference: https://twitter.com/drb_ra/status/1603857179865407509
# Reference: https://twitter.com/drb_ra/status/1603857335880933386
# Reference: https://twitter.com/drb_ra/status/1603857799330648064
# Reference: https://twitter.com/drb_ra/status/1603858881880416257
# Reference: https://twitter.com/drb_ra/status/1603859191445311490
# Reference: https://twitter.com/drb_ra/status/1603862140426850304
# Reference: https://twitter.com/drb_ra/status/1603862329741152256
# Reference: https://twitter.com/drb_ra/status/1603862422279839756
# Reference: https://twitter.com/drb_ra/status/1603865028607762433
# Reference: https://twitter.com/drb_ra/status/1603867921842855952

209.182.227.146:4444
209.182.227.146:8080
209.182.227.146:8888
209.182.227.147:8080
209.182.227.147:8888
209.182.227.148:4444
209.182.227.149:8080
209.182.227.149:8888
209.182.227.150:4444
209.182.227.150:8888
kucujiju.com
/split/v4.70/7HPBUZJP5
/v4.70/7HPBUZJP5
/7HPBUZJP5

# Reference: https://twitter.com/drb_ra/status/1603858069829607424

http://149.28.31.122

# Reference: https://twitter.com/drb_ra/status/1603858511120719878

47.242.55.170:2053

# Reference: https://twitter.com/drb_ra/status/1603858742189121551
# Reference: https://twitter.com/drb_ra/status/1603863459963232276

push.azureedge.net
push01.azureedge.net

# Reference: https://twitter.com/drb_ra/status/1603860506321772544

84.32.128.5:88

# Reference: https://twitter.com/drb_ra/status/1603860772265811970

216.24.243.181:9999

# Reference: https://twitter.com/drb_ra/status/1603863711210512384

191.101.78.79:8090
attlasian.wiki

# Reference: https://twitter.com/drb_ra/status/1603863901602471939

thebluewhale-habshgd4cfgpa0gt.z01.azurefd.net

# Reference: https://twitter.com/drb_ra/status/1603864161733206021

http://62.204.41.155

# Reference: https://twitter.com/drb_ra/status/1603867100170358784

27.122.59.226:443

# Reference: https://twitter.com/drb_ra/status/1603867324259393555

palaltocloud.online

# Reference: https://twitter.com/drb_ra/status/1603874642149662727

42.193.154.14:8001

# Reference: https://twitter.com/drb_ra/status/1603875223341785098

favls.com

# Reference: https://twitter.com/drb_ra/status/1603875864827027458

172.96.141.10:8443
ffiash.top
m.ffiash.top

# Reference: https://twitter.com/drb_ra/status/1603876027167563778

http://47.57.6.34

# Reference: https://twitter.com/drb_ra/status/1603878442763751425

39.101.198.2:8448

# Reference: https://www.elastic.co/security-labs/siestagraph-new-implant-uncovered-in-asean-member-foreign-ministry

http://185.239.70.229

# Reference: https://twitter.com/drb_ra/status/1603960264054956033

http://116.62.207.46

# Reference: https://twitter.com/drb_ra/status/1603960430342217730

service-e2k45q5k-1313934947.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1603961001979920384

service-gp6xrjkz-1314128526.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1603961254367956992

27.122.59.226:18088

# Reference: https://twitter.com/drb_ra/status/1603961452381016065

107.174.186.22:8090

# Reference: https://twitter.com/drb_ra/status/1603961529086492672

154.12.35.138:88

# Reference: https://twitter.com/drb_ra/status/1604086894102544384

http://124.220.189.243
http://218.60.93.132

# Reference: https://twitter.com/drb_ra/status/1604087054081613824
# Reference: https://twitter.com/drb_ra/status/1604087247669796869

77.73.134.23:10443
77.73.134.23:443
cloudmane.online

# Reference: https://twitter.com/drb_ra/status/1604203219579699201

81.68.142.187:4444

# Reference: https://twitter.com/drb_ra/status/1604203238122655745

43.132.122.84:443

# Reference: https://twitter.com/drb_ra/status/1604203259379359744

43.201.154.194:8080

# Reference: https://twitter.com/drb_ra/status/1604203326664368128

193.42.24.169:8773

# Reference: https://twitter.com/drb_ra/status/1604203399196856321

http://107.172.208.88

# Reference: https://twitter.com/drb_ra/status/1604203636434898944

http://87.251.67.166

# Reference: https://twitter.com/drb_ra/status/1604203719532466176

144.34.161.133:9033

# Reference: https://twitter.com/drb_ra/status/1604203830849474560

http://195.133.53.186

# Reference: https://twitter.com/drb_ra/status/1604203943135162368

http://149.127.232.17

# Reference: https://twitter.com/drb_ra/status/1604233361177956353

192.3.231.208:8080
qax666.tk

# Reference: https://twitter.com/drb_ra/status/1604233695728209920
# Reference: https://www.virustotal.com/gui/ip-address/45.32.54.126/relations

www-baibu-com.website
www-souhu-com.tk

# Reference: https://twitter.com/drb_ra/status/1604233896606007299

45.77.43.207:8443

# Reference: https://twitter.com/drb_ra/status/1604290987798532096

http://81.70.213.54

# Reference: https://twitter.com/drb_ra/status/1604314762950631424

23.21.80.137:443

# Reference: https://twitter.com/drb_ra/status/1604314832236417027
# Reference: https://twitter.com/drb_ra/status/1604314914297896962

http://23.254.225.252
23.254.225.252:443
microupdate.online

# Reference: https://twitter.com/drb_ra/status/1604314937412784128

47.100.69.112:31111

# Reference: https://twitter.com/drb_ra/status/1604314961488101376

http://43.138.27.134

# Reference: https://twitter.com/drb_ra/status/1604315272151719936

1.12.55.126:8088

# Reference: https://twitter.com/drb_ra/status/1604482374858842113

119.29.1.212:9088

# Reference: https://twitter.com/drb_ra/status/1604482582477164544

103.233.253.147:2000

# Reference: https://twitter.com/drb_ra/status/1604482762165129222

103.233.253.147:8088

# Reference: https://twitter.com/drb_ra/status/1604494167501062146

143.198.243.87:443
/Devise/v2.7/5WSUDPEX
/v2.7/5WSUDPEX
/5WSUDPEX

# Reference: https://twitter.com/drb_ra/status/1604508607172644865

1.14.198.89:44477

# Reference: https://twitter.com/drb_ra/status/1604508697882935299

8.134.96.195:443

# Reference: https://twitter.com/drb_ra/status/1604653278842724357

119.29.1.212:8077

# Reference: https://twitter.com/drb_ra/status/1604763348301668352

43.139.7.93:443

# Reference: https://twitter.com/drb_ra/status/1604803615977345026

162.14.82.171:12345

# Reference: https://twitter.com/drb_ra/status/1604803645098401792

47.92.223.223:801

# Reference: https://twitter.com/drb_ra/status/1604803725742178304

43.142.77.246:10020

# Reference: https://twitter.com/drb_ra/status/1604803843702800385

152.136.212.69:55001

# Reference: https://twitter.com/drb_ra/status/1604803981707993088

42.192.19.75:8891

# Reference: https://twitter.com/drb_ra/status/1604804020589273088

http://39.98.50.48

# Reference: https://twitter.com/drb_ra/status/1604804040675704834

43.139.225.176:88

# Reference: https://twitter.com/drb_ra/status/1604804056542855169

47.114.151.215:8088

# Reference: https://twitter.com/drb_ra/status/1604804114923372547

39.106.90.73:40001

# Reference: https://twitter.com/drb_ra/status/1604804159701663748

cmdatabase.com

# Reference: https://twitter.com/drb_ra/status/1604874454500360195

116.49.14.117:9900

# Reference: https://twitter.com/drb_ra/status/1604875239720198152

15.164.155.60:443

# Reference: https://twitter.com/drb_ra/status/1604950805668323328

82.157.145.115:888

# Reference: https://twitter.com/drb_ra/status/1604951519023054849

81.71.162.183:8081

# Reference: https://twitter.com/drb_ra/status/1604952019860656129

103.42.31.253:5555

# Reference: https://twitter.com/drb_ra/status/1604953410373033991

77.73.134.23:445

# Reference: https://twitter.com/drb_ra/status/1604954504155353098
# Reference: https://twitter.com/drb_ra/status/1604954760850935809

94.131.2.19:443
94.131.2.19:8090
wustat-microsoft.com

# Reference: https://twitter.com/drb_ra/status/1604955173985681408

http://198.167.204.119
http://45.14.165.125

# Reference: https://twitter.com/drb_ra/status/1604955308622757889

135.148.97.180:8443
eserverx.com

# Reference: https://twitter.com/drb_ra/status/1604955851785228292

185.225.70.147:8080
twistettransistor.com
sso.twistettransistor.com

# Reference: https://twitter.com/drb_ra/status/1604960721758048268

185.163.45.132:443

# Reference: https://twitter.com/drb_ra/status/1604961444424044555

170.64.138.9:443

# Reference: https://twitter.com/drb_ra/status/1604962713234559015

5.188.86.196:443

# Reference: https://twitter.com/drb_ra/status/1604962806746566668

170.64.248.225:443

# Reference: https://twitter.com/drb_ra/status/1605035489656016896

154.209.74.154:3001

# Reference: https://twitter.com/drb_ra/status/1605131960078180353

http://45.76.97.48

# Reference: https://twitter.com/drb_ra/status/1605132071210467328

efgpfsbwjdwuivxyjwdx.com

# Reference: https://twitter.com/drb_ra/status/1605212843313401856

23.105.214.171:8080

# Reference: https://twitter.com/drb_ra/status/1605213101472858114

http://179.60.150.99

# Reference: https://twitter.com/drb_ra/status/1605214504823955457

http://5.188.86.196

# Reference: https://twitter.com/drb_ra/status/1605215076079833088

http://173.82.206.184

# Reference: https://twitter.com/drb_ra/status/1605215126759641089

49.232.191.102:443

# Reference: https://twitter.com/drb_ra/status/1605215195693039616

15.164.155.60:8888

# Reference: https://twitter.com/drb_ra/status/1605215528859189249

58.64.193.172:4443
buyshipping.ml
lin.buyshipping.ml

# Reference: https://twitter.com/drb_ra/status/1605228151365304322

http://82.157.251.237

# Reference: https://twitter.com/drb_ra/status/1605229651814748160

http://43.140.252.193

# Reference: https://twitter.com/drb_ra/status/1605229946103861250

121.199.0.54:8080

# Reference: https://twitter.com/drb_ra/status/1605231065752387586

124.71.84.65:8443

# Reference: https://twitter.com/drb_ra/status/1605231193502486529

7ce7c755fc664713a372e9ee635698da.apig.cn-east-3.huaweicloudapis.com

# Reference: https://twitter.com/drb_ra/status/1605231576656351233

47.242.58.73:8899

# Reference: https://twitter.com/drb_ra/status/1605232188827619328

ukmedia.store

# Reference: https://twitter.com/drb_ra/status/1605233357394255876

202.95.19.215:443

# Reference: https://twitter.com/drb_ra/status/1605233588152274944

110.40.199.147:443

# Reference: https://twitter.com/drb_ra/status/1605233913995091971

5.188.86.237:443
/functionalStatus/2JYbAmfY5gYNj7UrgAte5p1jXx2V
/2JYbAmfY5gYNj7UrgAte5p1jXx2V

# Reference: https://twitter.com/drb_ra/status/1605234165124849664

45.81.128.189:443
81.28.12.12:443
bdstatic.cf
static.bdstatic.cf

# Reference: https://twitter.com/drb_ra/status/1605234379772633089

194.165.16.58:443

# Reference: https://twitter.com/drb_ra/status/1605235651456139264

49.234.35.197:443

# Reference: https://twitter.com/drb_ra/status/1605286014754476059
# Reference: https://twitter.com/drb_ra/status/1605286424777052161

http://206.54.190.246
206.54.190.246:443

# Reference: https://twitter.com/drb_ra/status/1605286079594102784

216.83.45.202:443

# Reference: https://twitter.com/drb_ra/status/1605286130131390465

103.127.124.139:8443
dns-google.net

# Reference: https://twitter.com/drb_ra/status/1605286183818481670

155.133.27.151:8080

# Reference: https://twitter.com/drb_ra/status/1605286215904907280

lucky365.games
c1.lucky365.games

# Reference: https://twitter.com/drb_ra/status/1605286359949889544

rectificatelanguage.com
h3.rectificatelanguage.com

# Reference: https://twitter.com/drb_ra/status/1605286692352675848

154.209.74.154:443

# Reference: https://twitter.com/drb_ra/status/1605383504606515202

43.140.200.42:443

# Reference: https://twitter.com/drb_ra/status/1605383600760885248

http://1.116.160.60

# Reference: https://twitter.com/drb_ra/status/1605383727625928706

http://1.116.160.39

# Reference: https://twitter.com/drb_ra/status/1605383994182361090

http://134.209.72.110

# Reference: https://twitter.com/drb_ra/status/1605384093306437633

103.21.208.170:9889

# Reference: https://twitter.com/drb_ra/status/1605428551251116038

serensa.nl
/functionalStatus/8-ddQOE0ZmY7GUmymBx7eVPEmmty
/8-ddQOE0ZmY7GUmymBx7eVPEmmty

# Reference: https://twitter.com/drb_ra/status/1605428710743707648

42.192.54.106:3333

# Reference: https://twitter.com/drb_ra/status/1605428742049959937

42.192.19.75:8899

# Reference: https://twitter.com/drb_ra/status/1605428793639936001

109.94.208.57:443

# Reference: https://twitter.com/drb_ra/status/1605528889094295553

121.127.233.205:443

# Reference: https://twitter.com/drb_ra/status/1605529735840366593

120.26.240.21:55443

# Reference: https://twitter.com/drb_ra/status/1605530846441738240

http://81.70.167.153

# Reference: https://twitter.com/drb_ra/status/1605531028235378688

45.152.67.162:6443
ceshi897.tk
zyba.ceshi897.tk
service-7tllas30-1313419091.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1605531767540269056

mcrsoffice.workers.dev
update.mcrsoffice.workers.dev

# Reference: https://twitter.com/drb_ra/status/1605531980417867779

43.139.225.176:443

# Reference: https://twitter.com/drb_ra/status/1605532752203350016

43.140.200.42:8005

# Reference: https://twitter.com/drb_ra/status/1605567580542046208

http://149.28.195.210

# Reference: https://twitter.com/MichalKoczwara/status/1605646765134385153

http://175.178.73.224

# Reference: https://twitter.com/drb_ra/status/1605660913813553153

173.82.206.184:4433

# Reference: https://twitter.com/drb_ra/status/1605661137923629069

194.49.94.254:10086

# Reference: https://twitter.com/drb_ra/status/1605661192751562752

180.76.166.65:9110

# Reference: https://twitter.com/drb_ra/status/1605663932915515392

http://192.227.155.201

# Reference: https://twitter.com/drb_ra/status/1605664463109120009

poasnm.com

# Reference: https://twitter.com/drb_ra/status/1605738740818886656

http://79.137.207.137

# Reference: https://twitter.com/drb_ra/status/1605756113848246274

51.210.243.38:8085

# Reference: https://twitter.com/drb_ra/status/1605756616225263618

43.139.19.125:8585

# Reference: https://twitter.com/drb_ra/status/1605756726631882753

5.181.86.249:443
afspd.com

# Reference: https://twitter.com/drb_ra/status/1605756899453968384

23.160.193.145:443

# Reference: https://twitter.com/drb_ra/status/1605889028934475777

logedin1.kasperslkyupdate.com
logedin2.kasperslkyupdate.com

# Reference: https://twitter.com/drb_ra/status/1605925142252617728

4.205.51.119:8443

# Reference: https://twitter.com/drb_ra/status/1605925959097585666

4.205.51.119:8088

# Reference: https://twitter.com/drb_ra/status/1605926077066526722

4.205.51.119:8082

# Reference: https://twitter.com/drb_ra/status/1605926089649541122

4.205.51.119:8089

# Reference: https://twitter.com/TheDFIRReport/status/1605922731165466625

no-cs.cf

# Reference: https://twitter.com/drb_ra/status/1606076684423380993
# Reference: https://github.com/pan-unit42/tweets/blob/master/2022-12-20-IOCs-for-IcedID-infection-with-Cobalt-Strike.txt

http://209.182.227.138
xedefeg.com

# Reference: https://twitter.com/drb_ra/status/1606038375839965190

88.218.192.70:443

# Reference: https://twitter.com/drb_ra/status/1606095038999568390

47.117.127.175:60001

# Reference: https://twitter.com/drb_ra/status/1606095106901147648

http://3.145.195.94

# Reference: https://twitter.com/drb_ra/status/1606288843946196994

38.6.155.73:8023

# Reference: https://twitter.com/drb_ra/status/1606289140554895361

http://91.213.50.35
/Start/ps/INHCOEVIG
/ps/INHCOEVIG
/INHCOEVIG

# Reference: https://twitter.com/drb_ra/status/1606289033117802503

service-r0ft855s-1303896379.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1606289542755008513

chrome-net.com
protect.chrome-net.com

# Reference: https://twitter.com/drb_ra/status/1606289697113882624

144.91.72.189:4444

# Reference: https://twitter.com/drb_ra/status/1606289756673003522

141.147.170.170:60001
vivio.icu
atk.vivio.icu

# Reference: https://twitter.com/drb_ra/status/1606290068666195969

185.246.221.128:886

# Reference: https://twitter.com/drb_ra/status/1606290157598040065

66.42.38.47:8443

# Reference: https://twitter.com/drb_ra/status/1606290324539822080

http://62.204.41.237

# Reference: https://twitter.com/drb_ra/status/1606374242328739840

216.83.38.235:8081

# Reference: https://twitter.com/drb_ra/status/1606374327896739840

85.209.135.49:8045

# Reference: https://twitter.com/drb_ra/status/1606374348604022786

198.12.74.39:8045

# Reference: https://twitter.com/drb_ra/status/1606374372394123265

37.58.62.182:8088

# Reference: https://twitter.com/drb_ra/status/1606374402521763848

http://64.227.132.76

# Reference: https://twitter.com/drb_ra/status/1606374567257247750

62.204.41.237:443

# Reference: https://twitter.com/drb_ra/status/1606374608206274561

http://107.148.49.83

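# Reference: https://twitter.com/drb_ra/status/1606374656268767246
# Note: aashiyana.tatasteel.com looks like a subdomain of a legitimate corporate domain listed next to a fastly.net host; presumably it appeared as a fronted Host header rather than attacker-owned infrastructure (TODO confirm), so expect benign matches and correlate with the fastly.net host or the URI trails below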

aashiyana.tatasteel.com
dsadtegd.global.ssl.fastly.net
/Remove/v7.61/B1S2VYTPUV
/v7.61/B1S2VYTPUV
/B1S2VYTPUV

# Reference: https://twitter.com/drb_ra/status/1606374725445423121

121.5.102.72:8889

# Reference: https://twitter.com/drb_ra/status/1606374952357269520

http://51.195.200.8

# Reference: https://twitter.com/drb_ra/status/1606374979918041110

37.58.62.182:8089

# Reference: https://twitter.com/drb_ra/status/1606377217797328905

81.70.11.25:443

# Reference: https://twitter.com/drb_ra/status/1606402957720920072

43.143.237.87:5678

# Reference: https://twitter.com/drb_ra/status/1606460589232070656

http://5.181.86.249

# Reference: https://twitter.com/drb_ra/status/1606479304753291267

http://45.13.234.14

# Reference: https://twitter.com/drb_ra/status/1606480123200475137

144.202.41.66:443
soltonbigs.com

# Reference: https://twitter.com/drb_ra/status/1606480567725445120

85.239.52.175:8443
blendrender.com

# Reference: https://twitter.com/Kostastsale/status/1606552747977117697
# Reference: https://twitter.com/Kostastsale/status/1606552749671612416
# Reference: https://www.virustotal.com/gui/file/be0eae80515553de45108c8d3c6d54dda7597536968031dc40c732c0961ec6fa/detection
# Reference: https://www.virustotal.com/gui/file/4b89d259196985a0c49253c58fee8182a1ae5482af84ba2ed39cc98d798f60de/detection
# Reference: https://www.virustotal.com/gui/file/cf7e9ef49ff3572505c46646c37a24d32caee5a1d5a01e7c75b9943f613977b4/detection
# Reference: https://www.virustotal.com/gui/file/cb458362e56ace4b3f2859a2e340fa5afefcff4e46acff0ba5968a1d4c9e439e/detection
# Reference: https://www.virustotal.com/gui/file/3eff337f68d8a4946fcd338af9537175b91279133fad3bacab855cca891d403e/detection

http://194.104.136.70
104.36.231.98:443
111.90.143.233:443
111.90.143.218:8443
46.174.236.175:443
ineoserver.com
johnjeffriesphotography.com
vosuxizen.com

# Reference: https://twitter.com/drb_ra/status/1606604532657659905

193.47.61.29:8080

# Reference: https://twitter.com/drb_ra/status/1606605569460142080

5.255.106.106:443

# Reference: https://twitter.com/drb_ra/status/1606606265592995840

43.138.178.132:443

# Reference: https://twitter.com/drb_ra/status/1606609337002205184

49.232.90.103:8443

# Reference: https://twitter.com/drb_ra/status/1606610567090814976

91.240.118.209:1025

# Reference: https://twitter.com/drb_ra/status/1606611143870521344

121.37.5.94:7777

# Reference: https://twitter.com/drb_ra/status/1606611291908579331

119.3.194.221:8080

# Reference: https://twitter.com/drb_ra/status/1606611856503734272

sslmcd.com
ns1.sslmcd.com
ns2.sslmcd.com
ns3.sslmcd.com
ns4.sslmcd.com

# Reference: https://twitter.com/drb_ra/status/1606613398233534465

43.139.116.197:8888

# Reference: https://twitter.com/drb_ra/status/1606614494192476160

117.50.184.22:8686

# Reference: https://twitter.com/drb_ra/status/1606615859077812225

8.131.94.164:7443

# Reference: https://twitter.com/drb_ra/status/1606655604847788034

http://1.116.119.183

# Reference: https://twitter.com/drb_ra/status/1606679555082784768

http://101.43.109.197

# Reference: https://twitter.com/drb_ra/status/1606679725262442496

43.138.51.36:8443

# Reference: https://twitter.com/drb_ra/status/1606679806271262720

service-jjtklb1e-1307868367.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1606726602171244546
# Reference: https://twitter.com/drb_ra/status/1606840404565004288
# Reference: https://twitter.com/drb_ra/status/1607100130615824384

http://163.123.142.146
163.123.142.146:443
163.123.142.146:4444
updatemicrotok.online

# Reference: https://twitter.com/drb_ra/status/1606726836225966083

8.134.63.69:443

# Reference: https://twitter.com/drb_ra/status/1606727097711579136

167.71.221.51:12336

# Reference: https://twitter.com/drb_ra/status/1606764460785418242

http://194.165.16.58

# Reference: https://twitter.com/drb_ra/status/1606839527099842560

45.13.234.14:443

# Reference: https://twitter.com/drb_ra/status/1606839902531977222

1.15.54.42:443

# Reference: https://twitter.com/drb_ra/status/1606840018252832769
# Reference: https://twitter.com/drb_ra/status/1606840816437284865

185.225.73.244:443
185.225.73.244:8080
/Def/zips/O9QEMOIHX5
/zips/O9QEMOIHX5
/O9QEMOIHX5

# Reference: https://twitter.com/drb_ra/status/1606840241805041664

http://106.52.85.114

# Reference: https://twitter.com/drb_ra/status/1606840531245490179

43.156.150.242:2087
update.micsoft365.online

# Reference: https://twitter.com/drb_ra/status/1606840637789274112

1.116.119.183:443

# Reference: https://twitter.com/drb_ra/status/1606841085745061888

http://23.160.193.145

# Reference: https://twitter.com/drb_ra/status/1606941443607650304

106.75.218.220:8443

# Reference: https://www.virustotal.com/gui/file/60d86f1572fe85b08530ac8877fc604c81dc1256977d05e4cc646dba3b18fc46/detection

112.253.30.50:8443

# Reference: https://twitter.com/drb_ra/status/1607099097898524680

http://194.195.254.159

# Reference: https://twitter.com/drb_ra/status/1607099144157503488

http://47.92.25.232

# Reference: https://twitter.com/drb_ra/status/1607099302265896962

zfuxwvouqvnttpsrxe.tech

# Reference: https://twitter.com/drb_ra/status/1607099737991270400

152.89.239.35:8443
activate.anondns.net
deb.anondns.net
luckycloud.anondns.net
luckys3c.anondns.net
luckysec.anondns.net
unlucky.anondns.net
webmail.unlucky.anondns.net

# Reference: https://twitter.com/drb_ra/status/1607099894057115651

one-gaming-store.com
/Level/v3.7/CB7OWFLKPZBB
/v3.7/CB7OWFLKPZBB
/CB7OWFLKPZBB

# Reference: https://twitter.com/drb_ra/status/1607100021513617410

37.58.62.182:7086

# Reference: https://twitter.com/drb_ra/status/1607100295359733760

101.99.90.111:443

# Reference: https://twitter.com/drb_ra/status/1607125598807154688

45.159.251.95:443

# Reference: https://twitter.com/drb_ra/status/1607129431625039872

5.188.86.237:1433

# Reference: https://twitter.com/drb_ra/status/1607130966363115520

183.57.37.247:6666

# Reference: https://twitter.com/drb_ra/status/1607133721374736389

http://106.75.218.220

# Reference: https://twitter.com/drb_ra/status/1607200082461446144

84.32.190.176:445

# Reference: https://twitter.com/drb_ra/status/1607200280877142016

45.61.136.213:1443

# Reference: https://twitter.com/drb_ra/status/1607200460833693698

http://154.204.43.31

# Reference: https://twitter.com/drb_ra/status/1607200640500989952

155.248.180.127:9998

# Reference: https://twitter.com/drb_ra/status/1607201297605820416

http://20.225.139.12

# Reference: https://twitter.com/drb_ra/status/1607336571715440648

120.48.124.220:3333

# Reference: https://twitter.com/drb_ra/status/1607336697271926786

43.249.9.15:7788

# Reference: https://twitter.com/drb_ra/status/1607337369048416256

d2keqa7g0xnve6.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1607337415689048066

121.196.165.107:6666

# Reference: https://twitter.com/drb_ra/status/1607337762079866881

d16vrz45pe7l8i.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1607338662219456513

58.64.193.172:8800

# Reference: https://twitter.com/drb_ra/status/1607338710344802305

thcloud.tk

# Reference: https://twitter.com/drb_ra/status/1607339054772764672

195.189.99.114:9443

# Reference: https://twitter.com/drb_ra/status/1607339258125209600

http://106.75.247.178
http://106.75.218.220

# Reference: https://twitter.com/drb_ra/status/1607392039838093312

91.215.85.132:443

# Reference: https://twitter.com/drb_ra/status/1607392368927318016

smallpetlive.com
/Read/v7.18/GKCFMRN0K
/v7.18/GKCFMRN0K
/GKCFMRN0K

# Reference: https://twitter.com/drb_ra/status/1607392584107794434

101.43.188.175:6666
chidao.icu
laxstore.top
chidao.laxstore.top

# Reference: https://twitter.com/drb_ra/status/1607392735211692034

124.223.181.21:8080

# Reference: https://twitter.com/drb_ra/status/1607392946931879941

43.138.105.228:81

# Reference: https://twitter.com/drb_ra/status/1607431866881114113

107.148.129.142:8080

# Reference: https://twitter.com/drb_ra/status/1607465328195289088

107.173.122.218:51004

# Reference: https://twitter.com/drb_ra/status/1607465460743782400

107.173.122.218:51002

# Reference: https://twitter.com/drb_ra/status/1607465557233745920

http://1.116.161.177

# Reference: https://twitter.com/drb_ra/status/1607465926298828800

103.253.43.197:8285

# Reference: https://twitter.com/drb_ra/status/1607466091541839873

101.99.90.18:443
update.viewdns.net

# Reference: https://twitter.com/drb_ra/status/1607466146210480130

107.173.122.218:51001

# Reference: https://twitter.com/drb_ra/status/1607466171325943809

185.207.154.114:61444

# Reference: https://twitter.com/drb_ra/status/1607466323507920898

106.52.85.114:443

# Reference: https://twitter.com/drb_ra/status/1607466417024024577

217.160.247.34:443

# Reference: https://twitter.com/drb_ra/status/1607466671203127300

http://162.14.97.126

# Reference: https://twitter.com/drb_ra/status/1607468059056373761

service-nl25bhib-1257451595.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1607563281262166016

120.79.64.164:8088

# Reference: https://twitter.com/drb_ra/status/1607563369367703552

101.99.90.18:8008
update.viewdns.net

# Reference: https://twitter.com/drb_ra/status/1607563406667616257

34.92.28.142:443

# Reference: https://twitter.com/drb_ra/status/1607564115861544964

117.50.184.22:6565

# Reference: https://twitter.com/drb_ra/status/1607564516773986306

3.76.40.105:443

# Reference: https://twitter.com/drb_ra/status/1607672265382006784

103.234.72.104:8099

# Reference: https://twitter.com/drb_ra/status/1607682028836687872

43.134.231.129:443

# Reference: https://twitter.com/drb_ra/status/1607698992858537984

124.222.18.35:8080

# Reference: https://twitter.com/drb_ra/status/1607710044203655168

http://120.27.147.74

# Reference: https://twitter.com/drb_ra/status/1607722363105189889

43.138.111.120:7788

# Reference: https://twitter.com/drb_ra/status/1607722461662945281

43.138.46.178:8081

# Reference: https://twitter.com/drb_ra/status/1607722732510236674

1.14.66.24:4444

# Reference: https://twitter.com/drb_ra/status/1607783324071649281

1.15.223.31:443

# Reference: https://twitter.com/drb_ra/status/1607823183805136900

185.106.94.9:8080
itbusinessusa.com

# Reference: https://twitter.com/drb_ra/status/1607823265212293123

173.255.249.221:8443

# Reference: https://twitter.com/drb_ra/status/1607823821230280704

116.204.75.118:33334

# Reference: https://twitter.com/drb_ra/status/1607823924795940867

194.87.46.87:443

# Reference: https://twitter.com/drb_ra/status/1607824112302317569

114.116.46.131:10010

# Reference: https://twitter.com/drb_ra/status/1607824161400832002

193.42.33.218:443
/Arrange/v7.66/X4A12FDAI
/v7.66/X4A12FDAI
/X4A12FDAI

# Reference: https://www.virustotal.com/gui/file/888750cee6858ec2c6131628caa562be26b1c65ecaeff4addcbf73a456c99517/detection

jquery.ink
time.jquery.ink
update.jquery.ink
www2.jquery.ink
32274.time.jquery.ink
32274.update.jquery.ink
50419.time.jquery.ink
50419.update.jquery.ink
5564.time.jquery.ink
5564.update.jquery.ink
55997.time.jquery.ink
55997.update.jquery.ink
65024.time.jquery.ink
65024.update.jquery.ink
68191.time.jquery.ink
68191.update.jquery.ink
96093.time.jquery.ink
96093.update.jquery.ink

# Reference: https://twitter.com/drb_ra/status/1607863524285452292

108.62.118.131:443
zobagip.com
/verify/v1.5/QWDPDEXPSQW
/v1.5/QWDPDEXPSQW
/QWDPDEXPSQW

# Reference: https://twitter.com/drb_ra/status/1607864676305485826

108.62.118.15:443
fomeyogo.com
/queue/click/07B4WD8R
/click/07B4WD8R
/07B4WD8R

# Reference: https://twitter.com/drb_ra/status/1607924092329418753

84.32.128.43:8080
gimsvalued.com
sso.gimsvalued.com

# Reference: https://twitter.com/drb_ra/status/1607924280242601984

107.174.247.46:443
/Calculate/v3.43/OYOOC2RKXQN
/v3.43/OYOOC2RKXQN
/OYOOC2RKXQN

# Reference: https://twitter.com/drb_ra/status/1607924575236505602

http://34.221.248.35

# Reference: https://twitter.com/drb_ra/status/1607924646778732544

45.32.29.160:443

# Reference: https://twitter.com/drb_ra/status/1607924825678389248

apacheorg.wiki

# Reference: https://twitter.com/drb_ra/status/1607924905806266372

storkxzsvc.com
as.storkxzsvc.com
qw.storkxzsvc.com
zx.storkxzsvc.com

# Reference: https://twitter.com/drb_ra/status/1607925146412613633

45.63.86.75:443

# Reference: https://twitter.com/drb_ra/status/1608060782893322241

192.3.231.208:8443

# Reference: https://twitter.com/drb_ra/status/1608065179949957122

64.44.168.92:443

# Reference: https://twitter.com/drb_ra/status/1608146845229891585

service-rjphyzhq-1309482780.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1608190027175022596

43.143.143.20:8281

# Reference: https://twitter.com/drb_ra/status/1608190075816361988

wv2022.com
a.wv2022.com

# Reference: https://twitter.com/drb_ra/status/1608190245241061377

154.204.43.31:443

# Reference: https://twitter.com/drb_ra/status/1608190329164898306

microsoft-stroge.co

# Reference: https://twitter.com/drb_ra/status/1608190389105709056

http://193.149.185.189

# Reference: https://twitter.com/drb_ra/status/1608190417794732032

43.128.72.129:443

# Reference: https://twitter.com/drb_ra/status/1608190462522703878

140.238.17.238:8899

# Reference: https://twitter.com/drb_ra/status/1608190802303352837

84.32.128.43:8443

# Reference: https://twitter.com/drb_ra/status/1608190922201747458

120.26.222.234:443

# Reference: https://twitter.com/drb_ra/status/1608190954959249408

http://155.138.139.238

# Reference: https://twitter.com/drb_ra/status/1608190981442093057

43.143.137.6:8081

# Reference: https://twitter.com/drb_ra/status/1608191412087947267

45.89.55.207:8080

# Reference: https://twitter.com/drb_ra/status/1608191451938127873

194.135.24.253:443

# Reference: https://twitter.com/drb_ra/status/1608191498910040070

213.227.140.7:8088

# Reference: https://twitter.com/drb_ra/status/1608191799792734208

http://155.138.150.70

# Reference: https://twitter.com/drb_ra/status/1608191923830902788

service-g5fx6god-1257451595.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1608192006861242368

first-site.workers.dev
gc.first-site.workers.dev
/eBjC5xrj65Gxaa1652

# Reference: https://twitter.com/drb_ra/status/1608192049659973633

103.100.157.218:88

# Reference: https://twitter.com/drb_ra/status/1608192080882372611

http://96.43.92.72

# Reference: https://twitter.com/drb_ra/status/1608217251978551300

213.227.140.7:8089
j7aaycd6fe6mpp.ddns.net

# Reference: https://twitter.com/drb_ra/status/1608273548073922560

43.139.156.186:443

# Reference: https://twitter.com/drb_ra/status/1608275546290683904

4.205.51.119:8084

# Reference: https://twitter.com/drb_ra/status/1608275629690228736

154.7.253.59:8080

# Reference: https://twitter.com/drb_ra/status/1608275947693961221

http://8.209.215.82

# Reference: https://twitter.com/drb_ra/status/1608276264238084096

103.100.157.214:88

# Reference: https://twitter.com/drb_ra/status/1608427381676539905

101.43.109.197:8080

# Reference: https://twitter.com/drb_ra/status/1608530748415377416

1.15.141.252:443

# Reference: https://twitter.com/drb_ra/status/1608531028720717826

114.132.204.191:443

# Reference: https://twitter.com/MichalKoczwara/status/1608756413874212865

8.210.141.104:8000

# Reference: https://twitter.com/drb_ra/status/1608550588844851202

198.55.96.55:10001

# Reference: https://twitter.com/drb_ra/status/1608550647124590598

216.24.243.168:443

# Reference: https://twitter.com/drb_ra/status/1608550684059701249

104.243.35.146:8081

# Reference: https://twitter.com/drb_ra/status/1608550766742061057

103.100.157.207:88

# Reference: https://twitter.com/drb_ra/status/1608550811231031296

154.92.15.67:33389

# Reference: https://twitter.com/drb_ra/status/1608550922275233798

167.235.150.252:444

# Reference: https://twitter.com/drb_ra/status/1608551060687265792

154.26.192.35:443

# Reference: https://twitter.com/drb_ra/status/1608551216312639488

cdnverificationlinks.com
api.cdnverificationlinks.com
msupdate.cdnverificationlinks.com

# Reference: https://twitter.com/drb_ra/status/1608551540918304772

c-c-backelmjyx.cn-shanghai.fcapp.run

# Reference: https://twitter.com/drb_ra/status/1608551613530005505

185.225.70.147:9443

# Reference: https://twitter.com/drb_ra/status/1608577900902600704

http://3.145.195.94

# Reference: https://twitter.com/drb_ra/status/1608580310400122885

140.143.232.178:8081

# Reference: https://twitter.com/drb_ra/status/1608654028321210369

http://35.236.161.97

# Reference: https://twitter.com/drb_ra/status/1608654053650878465

154.83.14.152:2080

# Reference: https://twitter.com/drb_ra/status/1608654528710168577

http://51.91.99.2

# Reference: https://twitter.com/drb_ra/status/1608654584511078402

http://23.227.193.33

# Reference: https://twitter.com/drb_ra/status/1608654779089043456

107.174.186.22:8091

# Reference: https://twitter.com/drb_ra/status/1608654810579869696

http://140.210.218.254

# Reference: https://twitter.com/drb_ra/status/1608654852510326786

43.156.3.238:2096

# Reference: https://twitter.com/drb_ra/status/1608654998040100869

4.234.97.10:8443
amazooon.ga
jijiya.amazooon.ga

# Reference: https://twitter.com/drb_ra/status/1608655159961190402

23.227.193.33:443

# Reference: https://twitter.com/drb_ra/status/1608655244031844352

d3ktcnc1w6pd1f.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1608770120339300355

101.34.76.186:443

# Reference: https://twitter.com/drb_ra/status/1608770844553056256

5.188.86.237:443
/messages/M7so250O7gw3QLSuuuMkwnE3V
/M7so250O7gw3QLSuuuMkwnE3V

# Reference: https://twitter.com/drb_ra/status/1608771977136709635
# Reference: https://twitter.com/drb_ra/status/1608830889655427074

http://101.34.83.66
101.34.83.66:443

# Reference: https://twitter.com/drb_ra/status/1608782563933306881

110.41.131.105:7777

# Reference: https://twitter.com/drb_ra/status/1608784770237976576

kar98k.icu

# Reference: https://twitter.com/drb_ra/status/1608786327872458753

http://140.143.232.178
http://61.163.146.230

# Reference: https://twitter.com/drb_ra/status/1608787601271439360

101.43.240.159:801

# Reference: https://twitter.com/drb_ra/status/1608810446273892353

39.101.67.58:443

# Reference: https://twitter.com/drb_ra/status/1608813638382505985

49.232.222.254:9443

# Reference: https://twitter.com/drb_ra/status/1608814254039220224

d2vl0gdro49u3c.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1608830625036865537

d194zjmj02lpmi.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1608833548894470144

159.138.29.51:443

# Reference: https://twitter.com/drb_ra/status/1608836054152318977

140.210.218.254:7777

# Reference: https://twitter.com/drb_ra/status/1608837348363567107

falsespace.space

# Reference: https://twitter.com/drb_ra/status/1608839102560108544

45.148.120.196:443

# Reference: https://twitter.com/drb_ra/status/1609000257664188418

188.166.208.240:2096
360niubiclass.tk
searchme.360niubiclass.tk

# Reference: https://twitter.com/drb_ra/status/1609000367496241153

195.133.11.134:2222

# Reference: https://twitter.com/drb_ra/status/1609000665035988993

xia0hel.tk

# Reference: https://twitter.com/drb_ra/status/1609001099951759361

5.188.86.194:443

# Reference: https://twitter.com/drb_ra/status/1609117009060446208

117.50.175.21:443

# Reference: https://www.virustotal.com/gui/file/40a12d67c7e0e4f2620a3c4c4341de875265c6661aaad384de6238f8cdf8d111/detection

117.50.175.21:77

# Reference: https://twitter.com/drb_ra/status/1609147019628527620

43.156.3.238:2095

# Reference: https://twitter.com/drb_ra/status/1609147644521201665
# Reference: https://twitter.com/drb_ra/status/1609148674206060544

http://185.227.154.118
185.227.154.118:443

# Reference: https://twitter.com/drb_ra/status/1609148642908164096

service-bqos07se-1301870681.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1609150367488434176

124.221.133.199:8080

# Reference: https://twitter.com/drb_ra/status/1609192848817065994

39.108.87.38:443

# Reference: https://twitter.com/drb_ra/status/1609193376833802240

http://101.42.19.216

# Reference: https://twitter.com/drb_ra/status/1609193475387412483

117.50.184.22:8282

# Reference: https://twitter.com/drb_ra/status/1609193680908288002

150.158.101.160:443

# Reference: https://twitter.com/drb_ra/status/1609262629117116418

topgamenetwork.com
/sub/v5.85/UGE9MFNCD5
/v5.85/UGE9MFNCD5
/UGE9MFNCD5

# Reference: https://twitter.com/drb_ra/status/1609262751666380802

39.105.168.110:9443

# Reference: https://twitter.com/drb_ra/status/1609264053246984192

66.112.220.31:8080

# Reference: https://twitter.com/drb_ra/status/1609267784906579968

106.15.40.123:443

# Reference: https://twitter.com/drb_ra/status/1609274826857889792

144.34.166.196:8089

# Reference: https://twitter.com/drb_ra/status/1609274929739882498
# Reference: https://twitter.com/drb_ra/status/1609274984114929665

161.49.173.243:443
173.254.204.67:443

# Reference: https://twitter.com/drb_ra/status/1609274947809017856

173.82.187.171:9999
o365files.cn
api.o365files.cn

# Reference: https://twitter.com/drb_ra/status/1609275134707212289

http://103.187.168.153

# Reference: https://twitter.com/drb_ra/status/1609275188377534465

185.19.212.105:443

# Reference: https://twitter.com/drb_ra/status/1609275220254138368

96.45.170.235:7979

# Reference: https://twitter.com/drb_ra/status/1609275244602179585

103.239.103.146:443

# Reference: https://twitter.com/drb_ra/status/1609275275279323137

103.239.103.146:10001

# Reference: https://twitter.com/drb_ra/status/1609275350432743425

freegaysnews.com
/inform/elements/UR98DBL2REU
/elements/UR98DBL2REU
/UR98DBL2REU

# Reference: https://twitter.com/drb_ra/status/1609275699281403908

173.254.204.67:443
200.159.130.82:443

# Reference: https://twitter.com/drb_ra/status/1609303683346358273

175.178.119.5:60000

# Reference: https://twitter.com/drb_ra/status/1609304963708063744

service-eqgy4a0w-1306743016.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1609374087729520640

5.188.86.194:88

# Reference: https://twitter.com/drb_ra/status/1609374326649757696

23.224.39.41:8081

# Reference: https://twitter.com/drb_ra/status/1609374843803209731

8.210.74.45:443

# Reference: https://twitter.com/drb_ra/status/1609375063278583809

20.104.209.69:8082

# Reference: https://twitter.com/drb_ra/status/1609375227586256896

complete-treat-357520.uc.r.appspot.com

# Reference: https://twitter.com/drb_ra/status/1609375300961402880

43.156.3.238:2087

# Reference: https://twitter.com/drb_ra/status/1609518396831420417

http://101.201.49.219

# Reference: https://twitter.com/drb_ra/status/1609608861408759810

179.43.162.9:443

# Reference: https://twitter.com/drb_ra/status/1609611593490251778

http://81.70.88.97

# Reference: https://twitter.com/drb_ra/status/1609612628980113408

45.66.159.41:4445

# Reference: https://twitter.com/drb_ra/status/1609613120577609728

103.42.212.94:443
/Accelerate/v1.24/C82G6Q12R26O
/v1.24/C82G6Q12R26O
/C82G6Q12R26O

# Reference: https://twitter.com/drb_ra/status/1609635152472186880

103.234.72.104:8011

# Reference: https://twitter.com/drb_ra/status/1609740745631465473

20.104.209.69:8083

# Reference: https://twitter.com/drb_ra/status/1609741184368349185

http://121.4.97.5

# Reference: https://twitter.com/drb_ra/status/1609845856148013057

http://47.92.227.151

# Reference: https://twitter.com/drb_ra/status/1609852444694962178

110.41.131.105:6666

# Reference: https://twitter.com/drb_ra/status/1609852670575009792

49.4.88.243:82

# Reference: https://twitter.com/drb_ra/status/1609857091824492545

http://49.4.88.243

# Reference: https://twitter.com/drb_ra/status/1609858143672061956

linkkedin.life

# Reference: https://twitter.com/drb_ra/status/1609908132288815105

/consolidate/v7.72/3AH5HD6X6KV
/v7.72/3AH5HD6X6KV
/3AH5HD6X6KV

# Reference: https://www.virustotal.com/gui/file/a14de4c144aecad137ddc4d911088b1455cbb6dcf90d253450644a309ef9d249/detection

23528965.hopto.org

# Reference: https://twitter.com/drb_ra/status/1609999633618538497

91.223.236.115:443

# Reference: https://twitter.com/drb_ra/status/1609999728107831297

service-bqos07se-1301870681.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1609999974611226624

198.74.56.186:7777

# Reference: https://twitter.com/drb_ra/status/1610000495699009541

http://195.133.11.246

# Reference: https://twitter.com/drb_ra/status/1610000535540699151

http://39.96.116.31

# Reference: https://twitter.com/drb_ra/status/1610027383028957186

106.75.247.178:8443

# Reference: https://twitter.com/drb_ra/status/1610085116973309953

43.142.103.57:31361

# Reference: https://twitter.com/drb_ra/status/1610086516952276992

167.71.213.192:52621

# Reference: https://twitter.com/drb_ra/status/1610103340314107915

57.128.163.3:8080

# Reference: https://twitter.com/drb_ra/status/1610103610871844865

57.128.163.3:8082

# Reference: https://twitter.com/drb_ra/status/1610103823057522692

23.94.240.64:443

# Reference: https://twitter.com/drb_ra/status/1610238848797114369

159.75.1.146:10001

# Reference: https://twitter.com/drb_ra/status/1610241221384880129

91.215.85.176:443

# Reference: https://twitter.com/drb_ra/status/1610251022001229826

d2dsya5bkwoi1u.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1610251939169591296

39.101.1.65:35608
jincheng4917.cn

# Reference: https://twitter.com/drb_ra/status/1610284576592510977

service-bqos07se-1301870681.gz.apigw.tencentcs.com

# Reference: https://github.com/prodaft/malware-ioc/commit/9ff7a1d06f9408bd7e626ef0246ab2025989d439

bajanoh.com
bebiyib.com
befatu.com
bejafek.com
cufeze.com
divayuw.com
diyexake.com
fedugig.com
gefugowej.com
gihevu.com
gojahuteh.com
haxiwiz.com
hivazaku.com
hotofebax.com
hoyahe.com
kakezik.com
kefugev.com
kelezel.com
kikadin.com
labavad.com
laseku.com
lawapuyal.com
lihafedava.com
luxisew.com
luyilehuse.com
mayiwil.com
mujegili.com
nurahu.com
pelowitoye.com
pisofatiwi.com
raniyev.com
rehuwejuf.com
ribotekuso.com
samanudi.com
semofuy.com
subopofaz.com
tacigi.com
totupuz.com
tovuvil.com
tumutusova.com
vakomoyan.com
vojexe.com
wakacuk.com
woginud.com
wokubaxute.com
woxoporiz.com
xarovaw.com
xeyaze.com
xihumiha.com
xoperuz.com
xuyegey.com
yuxububo.com
zolewiso.com
zupijaz.com

# Reference: https://twitter.com/a_tweeter_user/status/1610290582655750144
# Reference: https://www.virustotal.com/gui/file/df94021d44748946e0565207e453dbc66d80020868e6b14d49953f3d1c3d35c3/detection

organitations.com
/Preserve/stat/3E8YZFXJ
/unqueue/tag/A1N6C7VL7WZ
/stat/3E8YZFXJ
/tag/A1N6C7VL7WZ
/3E8YZFXJ
/A1N6C7VL7WZ

# Reference: https://twitter.com/drb_ra/status/1610362784037969922

http://68.183.252.67

# Reference: https://twitter.com/drb_ra/status/1610363206387499011

195.178.120.47:8443

# Reference: https://twitter.com/drb_ra/status/1610363533568446464

176.122.172.73:4444

# Reference: https://twitter.com/drb_ra/status/1610363606918471687

139.84.135.46:8901

# Reference: https://twitter.com/drb_ra/status/1610363632105185282

137.184.247.75:443

# Reference: https://twitter.com/drb_ra/status/1610363818886021121

149.28.95.195:8443

# Reference: https://twitter.com/drb_ra/status/1610386440277430278

http://68.183.252.67

# Reference: https://twitter.com/drb_ra/status/1610386722994397198

http://150.158.212.71

# Reference: https://twitter.com/drb_ra/status/1610388164346089473

service-bqos07se-1301870681.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1610388360060669952

43.139.167.44:800

# Reference: https://twitter.com/drb_ra/status/1610389650685689857

119.3.73.208:443

# Reference: https://twitter.com/drb_ra/status/1610390061996015616

45.77.209.195:443

# Reference: https://twitter.com/drb_ra/status/1610452422161219584

45.92.158.220:8080
cloudflareo.club
dash.cloudflareo.club

# Reference: https://twitter.com/drb_ra/status/1610452566831161346

43.154.23.98:443

# Reference: https://twitter.com/drb_ra/status/1610453195142168576

http://3.28.158.144

# Reference: https://twitter.com/drb_ra/status/1610596590795776002

p4nd41.ssndob.cn.com
p4nd42.ssndob.cn.com

# Reference: https://twitter.com/drb_ra/status/1610597030245634048

47.108.150.23:443

# Reference: https://twitter.com/drb_ra/status/1610597657751261184

192.3.231.208:8081

# Reference: https://twitter.com/drb_ra/status/1610597900198838275

182.254.240.188:60001

# Reference: https://twitter.com/drb_ra/status/1610632109089079299

service-r0ft855s-1303896379.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1610632411074666496

103.187.168.153:443

# Reference: https://twitter.com/drb_ra/status/1610632458885545984

qe6evcafs0.execute-api.us-east-1.amazonaws.com

# Reference: https://twitter.com/drb_ra/status/1610632522177601539

45.195.8.162:4443

# Reference: https://twitter.com/drb_ra/status/1610717568465092627

http://165.227.224.249

# Reference: https://twitter.com/drb_ra/status/1610717735767490579

162.14.110.131:443

# Reference: https://twitter.com/drb_ra/status/1610717820140109840

zings.tk
jquery.zings.tk

# Reference: https://twitter.com/drb_ra/status/1610717919918407697

107.172.97.151:8066

# Reference: https://twitter.com/drb_ra/status/1610717988323311625
# Reference: https://twitter.com/drb_ra/status/1610717991653588993
# Reference: https://twitter.com/drb_ra/status/1610717994333749265

d29mvmlv0uf9l3.cloudfront.net
eba529b82f587655.azureedge.net
f2eafd14a457abd8.azureedge.net
/safebrowsing/znHZ7RLT/62ySsk3O0KeHqJYXoPp8mLigdTDg
/znHZ7RLT/62ySsk3O0KeHqJYXoPp8mLigdTDg
/62ySsk3O0KeHqJYXoPp8mLigdTDg

# Reference: https://twitter.com/drb_ra/status/1610718337679474713

http://107.148.130.141

# Reference: https://twitter.com/drb_ra/status/1610816315333148680

38.54.125.31:8443

# Reference: https://twitter.com/drb_ra/status/1610816468475592705

40.88.43.171:8080

# Reference: https://twitter.com/drb_ra/status/1610816638441365504

http://165.232.168.23
http://165.232.168.28

# Reference: https://twitter.com/drb_ra/status/1610995955293200384

http://47.92.122.146

# Reference: https://twitter.com/KorbenD_Intel/status/1610770681708556303
# Reference: https://twitter.com/KorbenD_Intel/status/1611095457605865481

108.62.118.157:443

# Reference: https://twitter.com/drb_ra/status/1611098853289218059

162.19.155.49:443

# Reference: https://twitter.com/drb_ra/status/1611100625822949376

http://94.131.107.118

# Reference: https://twitter.com/drb_ra/status/1611100968485003264

208.67.105.176:59876

# Reference: https://twitter.com/drb_ra/status/1611101135489716232

service-bqos07se-1301870681.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1611101494845050881

45.145.230.149:4653

# Reference: https://twitter.com/drb_ra/status/1611101765008609288

http://185.62.58.53

# Reference: https://twitter.com/drb_ra/status/1611103099648725015

89.185.85.247:8080
clarkitservices.com

# Reference: https://twitter.com/drb_ra/status/1611103232167759885

96.45.170.235:7676

# Reference: https://twitter.com/drb_ra/status/1611117524212391936

152.136.153.12:443

# Reference: https://twitter.com/drb_ra/status/1611117780597719042

43.138.33.133:8001

# Reference: https://twitter.com/drb_ra/status/1611120814195179520

140.143.232.178:2222

# Reference: https://twitter.com/drb_ra/status/1611122343643848705

topsafelive.com

# Reference: https://twitter.com/drb_ra/status/1611126540648996866

logedin.ssndob.cn.com

# Reference: https://twitter.com/drb_ra/status/1611137955287924736

18.142.105.245:443

# Reference: https://twitter.com/drb_ra/status/1611138370754777091

8.210.123.189:8033

# Reference: https://twitter.com/drb_ra/status/1611139140006907904

23.227.202.174:8080

# Reference: https://twitter.com/drb_ra/status/1611139551883296768

20.222.65.114:8000

# Reference: https://twitter.com/drb_ra/status/1611175519336243204

119.3.73.208:9999

# Reference: https://twitter.com/drb_ra/status/1611175953010495490

ilink.ink
vs.ilink.ink

# Reference: https://twitter.com/drb_ra/status/1611316017615044608

140.143.232.178:8080

# Reference: https://twitter.com/drb_ra/status/1611321667996844034

121.36.165.78:444

# Reference: https://twitter.com/drb_ra/status/1611323783276630016

108.62.118.157:443
23.108.57.16:443

# Reference: https://twitter.com/drb_ra/status/1611362941718110211

139.196.234.164:9998

# Reference: https://twitter.com/drb_ra/status/1611365646327062538

129.152.2.128:443

# Reference: https://twitter.com/drb_ra/status/1611366204043657216

207.180.248.202:5858

# Reference: https://twitter.com/drb_ra/status/1611366899958292480

calibet.solutions
solutions.calibet.solutions

# Reference: https://twitter.com/malwrhunterteam/status/1611423202957213701
# Reference: https://www.virustotal.com/gui/file/4c1b02898a8fc99afa72f1616ecdda6bda734a9487fdf0d9725eca3c422a4c23/detection

116.204.72.140:150

# Reference: https://twitter.com/malwrhunterteam/status/1611429257590226944
# Reference: https://www.virustotal.com/gui/file/b7aea162c5c0ff2ea9573b71f0bad5625fcb1957879d37829fc8dce1b6bd1a99/detection

101.42.229.45:8091

# Reference: https://twitter.com/drb_ra/status/1611468841279692802

185.246.221.111:81

# Reference: https://twitter.com/drb_ra/status/1611469620149456896

http://162.19.155.49

# Reference: https://twitter.com/drb_ra/status/1611470016519585794

http://195.211.96.81

# Reference: https://twitter.com/drb_ra/status/1611470750896082953

45.145.231.35:4444

# Reference: https://twitter.com/drb_ra/status/1611470966286073856

198.13.34.166:2095
taobaos.top
shop.taobaos.top

# Reference: https://twitter.com/drb_ra/status/1611471052055482369

89.32.41.169:443

# Reference: https://twitter.com/drb_ra/status/1611471778915799043

http://104.208.73.11

# Reference: https://twitter.com/drb_ra/status/1611472145128853504

137.184.34.98:8088

# Reference: https://twitter.com/drb_ra/status/1611472672742952972

107.172.29.162:9442

# Reference: https://twitter.com/drb_ra/status/1611472929010712576

188.119.64.218:20002

# Reference: https://twitter.com/drb_ra/status/1611473303998287875

84.32.191.131:666

# Reference: https://twitter.com/drb_ra/status/1611473598450892800

172.247.32.228:443

# Reference: https://twitter.com/drb_ra/status/1611473996876226566

101.99.95.103:443

# Reference: https://twitter.com/malwrhunterteam/status/1611488368507998235
# Reference: https://www.virustotal.com/gui/file/53ae451fe12259d334b423799f2ff0ac3e5484e273f6a835b3a7455dd91fff8e/detection

711market.shop

# Reference: https://twitter.com/drb_ra/status/1611539206337093635

23.108.57.80:443
regalazes.com
/interpret/v6.13/JFU585BO
/v6.13/JFU585BO
/JFU585BO

# Reference: https://twitter.com/drb_ra/status/1611570041434038274

39.109.86.193:90
59.200.121.196:90

# Reference: https://twitter.com/drb_ra/status/1611570400860819458

18.218.92.151:443

# Reference: https://twitter.com/drb_ra/status/1611570512051707906

45.77.20.229:8080

# Reference: https://twitter.com/drb_ra/status/1611571188999790593

23.227.202.188:8080

# Reference: https://twitter.com/drb_ra/status/1611571415504781312

137.184.34.98:8088
143.198.244.86:8088

# Reference: https://twitter.com/drb_ra/status/1611678632790851584

5.181.86.249:7700

# Reference: https://twitter.com/drb_ra/status/1611687815808434176

23.108.57.83:443
/construct/v5.19/DX2YYRISZ9
/v5.19/DX2YYRISZ9
/DX2YYRISZ9

# Reference: https://twitter.com/drb_ra/status/1611689489264435200
# Reference: https://www.virustotal.com/gui/file/dec4c226a5745c4434fae3ab6cd53fa70831399f7ffbaa952763d427d6c5bea9/detection

ruhiwedun.com

# Reference: https://twitter.com/drb_ra/status/1611694270708072448

service-jzl8fg3s-1302014318.gz.apigw.tencentcs.com

# Reference: https://twitter.com/malwrhunterteam/status/1611804017633402880
# Reference: https://www.virustotal.com/gui/file/4d7c360f40aacda1b177bc7d7e06922c3d383f05d74c6af419e8dc0ccfe5a29b/detection

http://8.133.236.211
8.133.236.211:42045
daishen.ltd

# Reference: https://twitter.com/malwrhunterteam/status/1611825180317196290
# Reference: https://www.virustotal.com/gui/file/b1ca06d34a3cb3ccb3b5760395de2072bb7420c47ccfd7e48cc1e0971b1f14ab/detection

updateservice.live
service.updateservice.live
system.updateservice.live
windows.updateservice.live
5a668df2.system.updateservice.live
5a668df2.windows.updateservice.live

# Reference: https://twitter.com/malwrhunterteam/status/1611843254177222657
# Reference: https://www.virustotal.com/gui/file/a80c2b3edd047dbbd1ac631c9a20960f5d54403da910eb3452e29194329f60dc/detection
# Reference: https://www.virustotal.com/gui/file/a10eb4ddad5d8b0f5fc956381c3d4f6d74031cc1ea21f92d8e2e4d7c5b091519/detection

att.outlook-msdn.com
messages.outlook-msdn.com

# Reference: https://twitter.com/drb_ra/status/1611843165643833346

163.197.249.211:81

# Reference: https://twitter.com/drb_ra/status/1611844130002329601

96.45.170.235:7878

# Reference: https://twitter.com/drb_ra/status/1611844208360300544

http://107.174.247.46

# Reference: https://twitter.com/drb_ra/status/1611845701960359938

103.20.221.53:2222

# Reference: https://twitter.com/drb_ra/status/1611847421608198144

cs2-1629717.internalsupports.com

# Reference: https://twitter.com/drb_ra/status/1611849023849119745

185.62.58.53:443

# Reference: https://twitter.com/malwrhunterteam/status/1611868306662735872
# Reference: https://www.virustotal.com/gui/ip-address/37.48.104.13/relations
# Reference: https://www.virustotal.com/gui/file/aa25ae2d337a9ba1aac7a41fe8e364322667b40e3ac08d7b7faeed76bb9273eb/detection

fsbsecurity.net
fsbsecurity.ru

# Reference: https://twitter.com/malwrhunterteam/status/1611860128407470080
# Reference: https://www.virustotal.com/gui/file/757a6a050bf6556e93525672d64a49171874eaaef6a8184dc483e481202a5e54/detection

nwhealthclinic.com
cms.nwhealthclinic.com
site.nwhealthclinic.com
teledoc.nwhealthclinic.com

# Reference: https://twitter.com/malwrhunterteam/status/1611878933493960706
# Reference: https://www.virustotal.com/gui/domain/cdn-cdn.vip/relations
# Reference: https://www.virustotal.com/gui/file/9cf0d7c278c7d87ea6c5578c4e07b069ec35bc02835386f91d936e5a853cb591/detection
# Reference: https://www.virustotal.com/gui/file/cab12342cf7561a3fa220b75c8c989641580b5dd47db09270b75e3099d7bf202/detection

asissinfo.com
cdn-cdn.vip
n.cdn-cdn.vip
5sqyrnph.cdn-cdn.vip
js27xu6m.n.cdn-cdn.vip
jse2whxr.cdn-cdn.vip
rcn5muab.cdn-cdn.vip
y8jr9amx.cdn-cdn.vip
/gayg6daygtg.png
/ja-jp/p/surface-book-3/get

# Reference: https://twitter.com/drb_ra/status/1611899394516783108

http://137.184.34.98
http://143.198.244.86

# Reference: https://twitter.com/drb_ra/status/1611900230760337410

175.178.89.241:7011

# Reference: https://twitter.com/drb_ra/status/1612005447950602240

http://143.110.156.32

# Reference: https://twitter.com/drb_ra/status/1612008281177817089

137.184.34.98:4444
143.198.244.86:4444

# Reference: https://twitter.com/drb_ra/status/1612008887661518849

45.79.75.97:8443

# Reference: https://twitter.com/drb_ra/status/1612009906915229696

http://45.128.220.127

# Reference: https://twitter.com/drb_ra/status/1612040615499370496

45.77.216.222:443

# Reference: https://twitter.com/drb_ra/status/1612050236146425856

38.242.241.231:443

# Reference: https://twitter.com/drb_ra/status/1612051264455548928
# Reference: https://twitter.com/drb_ra/status/1612051529988509697

http://193.201.9.189
193.201.9.189:443

# Reference: https://twitter.com/drb_ra/status/1612420974971953152
# Reference: https://www.virustotal.com/gui/file/81c257fe1ba552c7b431aa42fe81613826fbda4c7719dfbb2fd9e67b4d9fa86c/detection
# Reference: https://www.virustotal.com/gui/file/7107a9685654fac2a7b427a8cf6d85d99b4480a1bc0b97c8afd663c4592560fd/detection
# Reference: https://www.virustotal.com/gui/file/39637aa6ec212676b5273e4732b0fa7388dd41d6e6085eb3ed13ace12e05aaed/detection
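# Reference: https://www.virustotal.com/gui/file/32c164b3de9585619c9d496ee21b14ea51e0745ff305f94ced9ac778d49fe793/detection
# Note: 104.21.57.222 and 172.67.150.89 are within Cloudflare's published address ranges (shared proxy edge, not a dedicated host); treat hits on those two entries as lower confidence than the rest of this group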

101.43.188.175:5657
101.43.188.175:8443
104.21.57.222:8443
172.67.150.89:8443
laxstore.gq
/email/DGDEDFDDDBDEDEDI.png
/DGDEDFDDDBDEDEDI.png

# Reference: https://twitter.com/cobaltstrikebot/status/1611826059347111936

http://124.213.66.228

# Reference: https://twitter.com/drb_ra/status/1612136779573780480

netwindws.com
api.netwindws.com
ftp.netwindws.com

# Reference: https://www.virustotal.com/gui/file/5955d889833619a0476251f74adcbd9420c5e7f53786bdc4c2be539145331dcf/detection
# Reference: https://www.virustotal.com/gui/file/2a462fc3eba430c6e4a11884839f90a98cdb6c3f53ccc4a2627af9e5e522b421/detection

win.netwindws.com

# Reference: https://twitter.com/drb_ra/status/1612139059173810176

http://101.42.104.211

# Reference: https://twitter.com/drb_ra/status/1612141362257739779

1.15.247.249:8086

# Reference: https://twitter.com/drb_ra/status/1612229556743688193

96.126.126.84:7777

# Reference: https://twitter.com/drb_ra/status/1612232546389004289

18.205.189.67:443

# Reference: https://twitter.com/_montysecurity/status/1612212468725563393
# Reference: https://www.virustotal.com/gui/file/98e42690efc9301465b027def015d23e1e720e64157e307f57e34f24c94c4162/detection
# Reference: https://www.virustotal.com/gui/file/b5d843c2c912629079de75cde0938c9f9f9fa07c40c4de232e58c92c0ac34ed3/detection
# Reference: https://www.virustotal.com/gui/file/044b098026dcb4b92a49bbcb86ae8716361f7f266444df0110694403899190e7/detection
# Reference: https://www.virustotal.com/gui/file/d5de453b0495f950787014dde9906bb37fcb1fbb37df259b0dea6c0e6ae2663a/detection

207.148.111.137:32145
207.148.111.137:45632
207.148.111.137:65412
207.148.111.137:8000
43.133.200.124:8089
zj0urs.xyz
download.zj0urs.xyz

# Reference: https://twitter.com/drb_ra/status/1612409710098923522

23.106.215.94:443
fowafow.com
/def/netscape/VS644DRCF
/netscape/VS644DRCF
/VS644DRCF

# Reference: https://twitter.com/drb_ra/status/1612412521792561153

203.57.227.25:777

# Reference: https://twitter.com/drb_ra/status/1612413536940003329

service-gcnqmcp3-1307217324.bj.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1612413674529984512
# Reference: https://www.virustotal.com/gui/ip-address/172.93.193.238/relations

bitt.shop
fixx.sbs

# Reference: https://twitter.com/drb_ra/status/1612505599362666520

39.109.86.193:8088

# Reference: https://twitter.com/drb_ra/status/1612506254508711955

dh7ztmf3ppj6zj6ae2jbgv3lxqrguiiac7wgncekscoepwczj26fdzid.onion

# Reference: https://twitter.com/drb_ra/status/1612507316137385998

43.224.33.101:443

# Reference: https://twitter.com/drb_ra/status/1612507559398629382

45.32.105.16:443

# Reference: https://twitter.com/drb_ra/status/1612511328832200704

43.154.182.95:8443
sougoupingyin.com
search.sougoupingyin.com

# Reference: https://twitter.com/drb_ra/status/1612511643388239872

43.224.33.101:8080

# Reference: https://twitter.com/drb_ra/status/1612512957203636229

1.15.141.252:5555

# Reference: https://twitter.com/jstrosch/status/1612525680859701261

http://45.139.105.143

# Reference: https://twitter.com/drb_ra/status/1612588688961159174

http://38.60.50.186

# Reference: https://twitter.com/drb_ra/status/1612588771974725632
# Reference: https://www.virustotal.com/gui/file/72bbbec1d58cbbb1fa52988d0d3570a021271f5ff335956e5ae45bab664e525e/detection

20.106.95.240:4433
kasperskymeen.com
dl.kasperskymeen.com

# Reference: https://twitter.com/drb_ra/status/1612589034957676544

exx0n.life

# Reference: https://twitter.com/drb_ra/status/1612589762308722688

http://84.32.128.43

# Reference: https://twitter.com/drb_ra/status/1612590699303604224

191.34.32.138:443

# Reference: https://twitter.com/drb_ra/status/1612591221033111552

http://161.35.232.68

# Reference: https://twitter.com/drb_ra/status/1612592348466233350

37.72.175.30:8114

# Reference: https://twitter.com/drb_ra/status/1612593657957195776

82.157.148.189:443

# Reference: https://twitter.com/drb_ra/status/1612594574437892099

35.220.227.124:83

# Reference: https://twitter.com/drb_ra/status/1612594914998554624

jqueryprofiles.ignorelist.com
/apiv2/products/cache/amz.items.product

# Reference: https://twitter.com/drb_ra/status/1612621019113570305

service-7e9bzzhk-1304697786.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1612774297482760194

http://43.132.122.84

# Reference: https://twitter.com/drb_ra/status/1612775167192666112

43.138.62.36:8081

# Reference: https://twitter.com/drb_ra/status/1612791687331418112

107.174.247.46:9443

# Reference: https://twitter.com/drb_ra/status/1612814746964615169

worldsportarena.org

# Reference: https://twitter.com/drb_ra/status/1612858732492328974
# Reference: https://www.virustotal.com/gui/file/4011c477e06f0be99c77995bdbff1e548579dc47e962a25d25c3046ff3003ed1/detection

140.143.232.178:6565
140.143.232.178:8887

# Reference: https://twitter.com/drb_ra/status/1612859434623012872

45.43.36.198:443

# Reference: https://twitter.com/KorbenD_Intel/status/1612919578161455121
# Reference: https://twitter.com/drb_ra/status/1613128428806340608
# Reference: https://twitter.com/drb_ra/status/1613147799582871552
# Reference: https://twitter.com/drb_ra/status/1613148345429622784

allowedcloud.com
redirect.frontlinepay.us
svchost20230103.ddnsfree.com

# Reference: https://twitter.com/drb_ra/status/1612935719030333441

8.142.171.59:25565

# Reference: https://twitter.com/drb_ra/status/1612945404458328068

kotamv.xyz

# Reference: https://twitter.com/drb_ra/status/1612945484145893376

http://167.235.67.210

# Reference: https://twitter.com/drb_ra/status/1612945630522970112

198.55.96.55:16688
52.220.121.212:16688

# Reference: https://twitter.com/drb_ra/status/1612946009302122496

http://20.253.66.206

# Reference: https://twitter.com/drb_ra/status/1612947359033344001

185.19.212.124:443

# Reference: https://twitter.com/drb_ra/status/1612947658041073664

101.35.82.228:443

# Reference: https://twitter.com/drb_ra/status/1612948094701674496

3.122.103.39:443

# Reference: https://twitter.com/drb_ra/status/1612948772455079938

91.90.194.3:443

# Reference: https://twitter.com/drb_ra/status/1613022101069242368

http://193.47.61.99

# Reference: https://twitter.com/drb_ra/status/1613022283987124225

http://54.151.146.41

# Reference: https://twitter.com/drb_ra/status/1613124986981449730

23.108.57.74:443
doyiduzu.com
/fabricate/privacypolicy/58U2FPAVH92U
/privacypolicy/58U2FPAVH92U
/58U2FPAVH92U

# Reference: https://twitter.com/drb_ra/status/1613022821352968192

101.33.125.241:4444

# Reference: https://twitter.com/drb_ra/status/1613224452791144466

1.15.247.249:8088

# Reference: https://twitter.com/drb_ra/status/1613226695451938818

aptce4.top
tw.aptce4.top

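# Reference: https://www.virustotal.com/gui/file/2064709671e5b9008c555094776ee852c3a54f5cd86505b8909366fb637e3423/detection
# Note: 104.21.62.118, 172.67.223.130 and 188.114.97.0 are within Cloudflare's published address ranges (shared proxy edge, not a dedicated host); the cl0udflare.tk names are the more specific indicators in this group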

104.21.62.118:8443
172.67.223.130:8443
188.114.97.0:8443
cl0udflare.tk
dash.cl0udflare.tk
dns.cl0udflare.tk

# Reference: https://twitter.com/drb_ra/status/1613256863465742342

103.131.189.217:443

# Reference: https://www.virustotal.com/gui/ip-address/185.150.117.182/relations
# Reference: https://www.virustotal.com/gui/file/90c03a68af574846bbb114db462d9310b2bb5650ae4f9ced047c3b56edec0a8f/detection

185.150.117.182:443

# Reference: https://twitter.com/cobaltstrikebot/status/1613275955581300736
# Reference: https://twitter.com/drb_ra/status/1613392350759337984

tercent.tk

# Reference: https://twitter.com/drb_ra/status/1613290672676642816

47.102.110.41:7766

# Reference: https://twitter.com/drb_ra/status/1613391647387144192

dcrwaxwvb1lj1.cloudfront.net
/safebrowsing/QepEF3u/lpIbUDDDMuQakD28VbLjw7sqwIHX0CVUV
/safebrowsing/QepEF3u/
/QepEF3u/lpIbUDDDMuQakD28VbLjw7sqwIHX0CVUV
/lpIbUDDDMuQakD28VbLjw7sqwIHX0CVUV

# Reference: https://twitter.com/drb_ra/status/1613391951457296384

51.89.210.59:443

# Reference: https://twitter.com/drb_ra/status/1613392149063557120

http://179.43.156.146

# Reference: https://twitter.com/drb_ra/status/1613392193472925696

http://194.180.49.48

# Reference: https://twitter.com/drb_ra/status/1613392643500679168

http://139.180.208.227

# Reference: https://twitter.com/drb_ra/status/1613392685426941958

194.163.163.50:443

# Reference: https://twitter.com/drb_ra/status/1613393245802840065

http://179.43.162.31

# Reference: https://twitter.com/drb_ra/status/1613393650968322048

173.82.196.58:2053

# Reference: https://twitter.com/drb_ra/status/1613545043758833673

http://47.113.224.80

# Reference: https://twitter.com/drb_ra/status/1613545206455975938

http://179.43.187.247

# Reference: https://twitter.com/drb_ra/status/1613545628449083393

mmmllkps.tk
lemon.mmmllkps.tk

# Reference: https://twitter.com/drb_ra/status/1613547610534514689

realsecuritystore.com

# Reference: https://twitter.com/drb_ra/status/1613548392872906759

http://3.85.177.52
http://54.152.60.160
/posters/2023/01/91AZcJxnYmVl._AC_SY879_.jpg
/91AZcJxnYmVl._AC_SY879_.jpg

# Reference: https://twitter.com/drb_ra/status/1613548659890683904

91.215.85.183:443

# Reference: https://twitter.com/drb_ra/status/1613548886236307456

3.85.177.52:443

# Reference: https://twitter.com/drb_ra/status/1613549284737298432

http://101.42.46.117

# Reference: https://twitter.com/drb_ra/status/1613576452187774976

52.18.131.129:443

# Reference: https://twitter.com/drb_ra/status/1613578674694938625

realsecuritystore.com

# Reference: https://twitter.com/drb_ra/status/1613578892006100996

43.138.66.190:2000
35.153.50.171:443

# Reference: https://twitter.com/KorbenD_Intel/status/1613564558618017796

svcrencst.com
as.svcrencst.com
qw.svcrencst.com
zx.svcrencst.com

# Reference: https://twitter.com/drb_ra/status/1613642659213475841
# Reference: https://www.virustotal.com/gui/file/5a53e791bda980bfc145f7c6c0c9868e1f18465fcf915b48db1baf9a6cf4f78e/detection
# Reference: https://www.virustotal.com/gui/file/d2e0ddb82ef1982d49de60f203b8a97fcebd755c0d04176f4771008f6afd29e1/detection
# Reference: https://www.virustotal.com/gui/file/a16143a957e766a1255fd19630773d44016f671366afec246799f846b89164fc/detection
# Reference: https://www.virustotal.com/gui/file/3c510b1b834cd6ba6d4db460506caca0e6911ba421159e0f2f73c2c09e9de369/detection
# Reference: https://www.virustotal.com/gui/file/39cc8085e331d0fbf1122e561472f87611de3df5f70344ac7b160d96b3cf576f/detection
# Reference: https://www.virustotal.com/gui/file/235106b04fd328fe4043e1ef090b238cc06f78272d29fcddfa86eb3618bee0cd/detection

108.62.118.203:443
157.254.194.123:443
23.106.215.111:443
23.108.57.161:443

# Reference: https://twitter.com/drb_ra/status/1613643711912595456

wosinope.com

# Reference: https://twitter.com/drb_ra/status/1613643711912595456

http://193.149.176.214
/office/updates/LG0lc25mIEV4aXp0czQwNA
/updates/LG0lc25mIEV4aXp0czQwNA
/LG0lc25mIEV4aXp0czQwNA

# Reference: https://twitter.com/drb_ra/status/1613650313440894984

209.250.243.68:443

# Reference: https://twitter.com/drb_ra/status/1613650984101715973

179.43.156.146:8081

# Reference: https://twitter.com/drb_ra/status/1613651146412892162

http://66.165.243.44

# Reference: https://twitter.com/drb_ra/status/1613651730671050763

frachno1.com

# Reference: https://twitter.com/drb_ra/status/1613653188200079378

103.177.76.8:443

# Reference: https://twitter.com/drb_ra/status/1613653361844273152

http://193.111.31.45

# Reference: https://twitter.com/drb_ra/status/1613654985035718659

185.225.70.147:8443

# Reference: https://twitter.com/drb_ra/status/1613655109610741790

179.43.156.146:8443

# Reference: https://twitter.com/drb_ra/status/1613655741302284320

170.178.196.112:10010

# Reference: https://twitter.com/drb_ra/status/1613656121671131152

blackandwhiteshoose.com

# Reference: https://twitter.com/drb_ra/status/1613546927571845120

ts.danielma.info

# Reference: https://github.com/pan-unit42/tweets/blob/master/2023-01-12-IOCs-from-IcedID-and-Cobalt-Strike-infection.txt
# Reference: https://www.virustotal.com/gui/file/4c9364c85bd1e8a2fb53181696d6471ae10971f4cc709419dfaf6224b23b9f55/detection

fepopeguc.com

# Reference: https://twitter.com/drb_ra/status/1613656269335797763

http://100.26.163.51

# Reference: https://twitter.com/drb_ra/status/1613742539919564805

54.86.132.149:8082

# Reference: https://twitter.com/drb_ra/status/1613742851946315776

47.242.207.14:444

# Reference: https://twitter.com/drb_ra/status/1613743123712057345

drop.mcagroupinvest.com

# Reference: https://twitter.com/drb_ra/status/1613743207640178688

goodsport2023.win

# Reference: https://twitter.com/drb_ra/status/1613743718489640961

http://84.32.131.35

# Reference: https://twitter.com/drb_ra/status/1613744592167256064

45.116.76.116:40683

# Reference: https://twitter.com/drb_ra/status/1613744643308503041

quetzacoaltl.global.ssl.fastly.net

# Reference: https://twitter.com/drb_ra/status/1613829286858821633

43.143.89.187:443

# Reference: https://twitter.com/drb_ra/status/1613831902011527169

http://13.211.122.16

# Reference: https://twitter.com/drb_ra/status/1613872657883176961

107.172.206.242:443
paaszoo.tk
vpn.paaszoo.tk

# Reference: https://twitter.com/drb_ra/status/1613873385766789122

18.166.54.61:443
ec2-18-166-54-61.ap-east-1.compute.amazonaws.com

# Reference: https://twitter.com/drb_ra/status/1613873710728986630

http://194.55.186.206

# Reference: https://twitter.com/drb_ra/status/1613874462075518979

43.143.45.237:8200

# Reference: https://twitter.com/drb_ra/status/1613874527741558784

106.55.2.194:2095

# Reference: https://twitter.com/drb_ra/status/1613876235033092097

43.143.194.137:30006

# Reference: https://twitter.com/drb_ra/status/1613876283158454272

101.43.109.197:443

# Reference: https://twitter.com/drb_ra/status/1613955603017105408

http://35.153.50.171
/viewerng/meta

# Reference: https://twitter.com/drb_ra/status/1613956598740680728

http://101.43.16.149

# Reference: https://twitter.com/drb_ra/status/1614015936255741977
# Reference: https://www.virustotal.com/gui/file/fbcb0eb536eeda7f35a056194eccc6eeadefcf96878726c4b811ad5bb54f7997/detection
# Reference: https://www.virustotal.com/gui/file/1930bd3a3a2f286f2d8a2920609e145d1fffc2bddebaf1b526a96527a92cf73a/detection

152.12.89.100:443
157.254.194.16:443
177.20.189.45:443

# Reference: https://twitter.com/drb_ra/status/1614016104132759575

49.233.62.180:8080

# Reference: https://twitter.com/drb_ra/status/1614040173574082560

3.83.124.15:443

# Reference: https://twitter.com/drb_ra/status/1614040331250458624

179.43.156.148:8081

# Reference: https://twitter.com/drb_ra/status/1614041167192117249

179.43.156.148:8443

# Reference: https://twitter.com/drb_ra/status/1614042386912485376

dow-starter-powerpoint-musician.trycloudflare.com

# Reference: https://twitter.com/drb_ra/status/1614042466176344067

216.127.178.78:4488

# Reference: https://twitter.com/drb_ra/status/1614042957706936320

http://179.43.156.148

# Reference: https://twitter.com/drb_ra/status/1614043713134596105

179.43.156.146:4433
179.43.156.148:4433

# Reference: https://twitter.com/drb_ra/status/1614045241144639489

45.79.66.231:8443

# Reference: https://twitter.com/drb_ra/status/1614202207942975488
# Reference: https://twitter.com/drb_ra/status/1614202632389656577

54.86.132.149:8083
54.86.132.149:8084

# Reference: https://twitter.com/drb_ra/status/1614242456345710592

106.13.1.223:443

# Reference: https://twitter.com/drb_ra/status/1614254731471233027

service-7e9bzzhk-1304697786.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1614343056324526085

http://174.138.17.147

# Reference: https://twitter.com/drb_ra/status/1614343906849611777

174.138.17.147:443

# Reference: https://twitter.com/drb_ra/status/1614344135267287040

http://101.43.109.197

# Reference: https://twitter.com/drb_ra/status/1614356406890536960

http://185.174.172.239

# Reference: https://twitter.com/drb_ra/status/1614357154718154752

101.42.230.12:8088

# Reference: https://twitter.com/drb_ra/status/1614357766675595265

http://206.188.197.14

# Reference: https://twitter.com/drb_ra/status/1614357819951562752

124.223.173.83:443

# Reference: https://twitter.com/drb_ra/status/1614359518216949760

104.129.21.122:443

# Reference: https://twitter.com/drb_ra/status/1614360069772042240

http://80.78.25.77

# Reference: https://twitter.com/drb_ra/status/1614360221664567297

179.43.156.146:4433

# Reference: https://twitter.com/drb_ra/status/1614362028109348865

118.194.252.11:443

# Reference: https://twitter.com/drb_ra/status/1614362082635386881

http://138.68.117.60
http://138.68.160.9

# Reference: https://twitter.com/drb_ra/status/1614475696260128770

45.79.8.245:2222

# Reference: https://twitter.com/drb_ra/status/1614475893174419456

47.242.164.33:9998

# Reference: https://twitter.com/drb_ra/status/1614476113186521088

103.177.76.8:1443

# Reference: https://twitter.com/drb_ra/status/1614476237342130177

http://45.77.240.136

# Reference: https://twitter.com/drb_ra/status/1614476581455503363

45.32.180.179:4443

# Reference: https://twitter.com/drb_ra/status/1614476798129065984

60.249.20.183:9000

# Reference: https://twitter.com/drb_ra/status/1614476927485575168

http://45.148.120.196

# Reference: https://twitter.com/drb_ra/status/1614477043898490880

103.149.90.238:2000

# Reference: https://twitter.com/drb_ra/status/1614477098852257792
# Reference: https://twitter.com/drb_ra/status/1614476061114351622

http://18.212.19.9
18.212.19.9:443

# Reference: https://twitter.com/drb_ra/status/1614585302584102918

106.54.62.242:5555

# Reference: https://twitter.com/drb_ra/status/1614586041670811648

66.165.243.44:443

# Reference: https://twitter.com/drb_ra/status/1614587066385309696

service-q53462o2-1305598994.jp.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1614617790748434432

199.253.29.85:443

# Reference: https://twitter.com/drb_ra/status/1614706543512936448

http://138.68.117.60

# Reference: https://twitter.com/drb_ra/status/1614706655853219840

38.47.100.176:8091

# Reference: https://twitter.com/drb_ra/status/1614706799071952896

185.207.154.114:9115

# Reference: https://twitter.com/drb_ra/status/1614706848040361986

162.0.237.14:88

# Reference: https://www.virustotal.com/gui/file/b159dafb0af32907962519e879d0e525236c93fb4183615ef279302dc961f8b5/detection
# Reference: https://www.virustotal.com/gui/file/a31299c7e07096e04baceb14c61b12988cfa860c394e88762c3dc4e02c40f704/detection
# Reference: https://www.virustotal.com/gui/file/6bb8c1da1f0df8d85656c2a7c4ad3372d018a54e51dcd39ad7a635dc706264c9/detection
# Reference: https://www.virustotal.com/gui/file/397157576a1b01f1f9f6096a0e2da93f0f335c82757591ec890403c2a19052b1/detection

ppccw.pro

# Reference: https://twitter.com/drb_ra/status/1614736224509431809

sevensix.shop
delaydelayaaa.sevensix.shop

# Reference: https://twitter.com/drb_ra/status/1614774432706215937

http://51.145.213.252

# Reference: https://twitter.com/drb_ra/status/1614774762298818561

34.125.90.61:5005

# Reference: https://twitter.com/drb_ra/status/1614951376030732288

redirektert.workers.dev
helloworld.redirektert.workers.dev

# Reference: https://twitter.com/drb_ra/status/1614988890326048768

http://43.139.159.179

# Reference: https://twitter.com/drb_ra/status/1614989910011789312

118.194.252.11:443

# Reference: https://twitter.com/drb_ra/status/1615056227939061773

ms-nt-update.xyz

# Reference: https://twitter.com/drb_ra/status/1615056588926029848

107.151.203.95:10000

# Reference: https://www.virustotal.com/gui/file/1201027c10b6dda041cc3acf56bbb35fb0c6267ce0939cf8feb8bcb09110045f/detection

http://45.61.136.178

# Reference: https://twitter.com/Artilllerie/status/1615309843715194881
# Reference: https://www.virustotal.com/gui/ip-address/138.197.239.132/relations

encryptedupdates.com
updateportal.net
verifiedupdate.com
vmportal.net
vmwareportal.net

# Reference: https://twitter.com/drb_ra/status/1615187623164641280

173.82.194.179:2443

# Reference: https://twitter.com/drb_ra/status/1615187709248651268
# Reference: https://twitter.com/drb_ra/status/1615187711429591040

00aa8b953d76040d.azureedge.net
d1pg391qb4gheb.cloudfront.net
/safebrowsing/NedI5u5/bi1YF2p1lq4NrT3Fb-nL9lhTnwZQpvd781bp6Avv
/safebrowsing/NedI5u5/
/NedI5u5/bi1YF2p1lq4NrT3Fb-nL9lhTnwZQpvd781bp6Avv
/bi1YF2p1lq4NrT3Fb-nL9lhTnwZQpvd781bp6Avv

# Reference: https://twitter.com/drb_ra/status/1615187768438661121

dll.kasperskymeen.com

# Reference: https://twitter.com/drb_ra/status/1615187914266234882

dho5mzesn29z0.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1615188565175967744

185.216.71.178:6547

# Reference: https://twitter.com/drb_ra/status/1615188693148471297

1.15.99.189:7777

# Reference: https://twitter.com/drb_ra/status/1615299152245657600

1.116.132.251:81

# Reference: https://twitter.com/drb_ra/status/1615342484623605761

cybersmart.cloud

# Reference: https://twitter.com/drb_ra/status/1615342558611214338

http://43.143.120.47

# Reference: https://twitter.com/KorbenD_Intel/status/1615423111876284416

hnsxpharm.com

# Reference: https://twitter.com/drb_ra/status/1615437730355240969

91.213.50.35:380
eu.updater.keenetic.pro
europe.updater.keenetic.pro

# Reference: https://twitter.com/drb_ra/status/1615474040382136331

173.234.155.113:443
pumivus.com
/Compute/v6.74/O6BBIO07JI4
/v6.74/O6BBIO07JI4
/O6BBIO07JI4

# Reference: https://tria.ge/230118-rrsavsag38/behavioral16

23.106.215.213:443
23.108.57.26:443
23.109.27.113:443
23.189.202.11:443

# Reference: https://twitter.com/Kostastsale/status/1615733418939088896

jumptoupd.com

# Reference: https://twitter.com/drb_ra/status/1615531191414784000

155.133.27.151:8083

# Reference: https://twitter.com/drb_ra/status/1615531467106394112

209.141.47.99:4433

# Reference: https://twitter.com/drb_ra/status/1615531619716157442

pharmarite.azurewebsites.net

# Reference: https://twitter.com/drb_ra/status/1615531885261733890

service-7u28tmku-1309186631.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1615535925693497345

47.243.89.35:8080

# Reference: https://twitter.com/drb_ra/status/1615536272549740544

booklng.cheap
join.booklng.cheap
/Download/adclick/3YSKJ5CJAC
/adclick/3YSKJ5CJAC
/3YSKJ5CJAC

# Reference: https://twitter.com/drb_ra/status/1615536807344590848

mwg-update.cloud

# Reference: https://twitter.com/drb_ra/status/1615719220104290304

118.31.76.240:7999

# Reference: https://twitter.com/cobaltstrikebot/status/1615812974886916097

service-381kylfn-1306620309.bj.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1615831241785319426

182.92.174.55:8085

# Reference: https://twitter.com/drb_ra/status/1615889025948073985

114.132.73.232:443

# Reference: https://twitter.com/drb_ra/status/1615893860260974592

54.149.221.109:30003

# Reference: https://twitter.com/drb_ra/status/1615894242995355648

http://43.159.43.58
qatarpgreenroperties.com
cs.qatarpgreenroperties.com

# Reference: https://twitter.com/drb_ra/status/1616033621701271554

goupdatemic.online

# Reference: https://twitter.com/drb_ra/status/1616035276014460933

http://140.13.232.178

# Reference: https://twitter.com/drb_ra/status/1616035827917676544

124.221.169.111:9999

# Reference: https://twitter.com/malwrhunterteam/status/1616056365969190912
# Reference: https://www.virustotal.com/gui/file/c5dd759c586031f32e5ac6983ca8b4ed08a41f7ce6d160d24b51ab8e1949454b/detection

pettopetsmart.com

# Reference: https://twitter.com/malwrhunterteam/status/1616057254415060996
# Reference: https://www.virustotal.com/gui/file/140ac47367147dc7429c59361a78c3b9bab7a44c8d617385a5d36e124397cc64/detection

go.google-analytcis.com

# Reference: https://www.virustotal.com/gui/file/31b4d5d87314b8172db4398109410a175cb089e2675b4eefaf5d66cdabfcd549/detection

google-analytcis.com

# Reference: https://twitter.com/malwrhunterteam/status/1616057917047967746
# Reference: https://www.virustotal.com/gui/file/c55a3c1fa6321e4be8282c0a5c0c4ed9e9f58abf59439794dbafe143dfc70876/detection

microsoft-officebook.tk

# Reference: https://twitter.com/malwrhunterteam/status/1616061953805516800
# Reference: https://www.virustotal.com/gui/file/44cd6a05e667bf41b177b08133c1509b6b2a45034557681f919b203341906ff5/detection

34.130.19.104:1011
34.130.19.104:8095

# Reference: https://twitter.com/drb_ra/status/1616076955471982593

azurecloudfire.com

# Reference: https://twitter.com/drb_ra/status/1616077287488634882

http://1.117.117.162

# Reference: https://twitter.com/k3dg3/status/1616113852923486208
# Reference: https://tria.ge/230119-tmdm1sdd9w/behavioral2

45.11.19.22:443
95.168.191.223:443

# Reference: https://twitter.com/drb_ra/status/1616159842288156684

http://103.96.129.49

# Reference: https://twitter.com/drb_ra/status/1616160630397964289

nytimesjournal.net

# Reference: https://twitter.com/drb_ra/status/1616160960053379072

206.233.131.30:8848

# Reference: https://twitter.com/drb_ra/status/1616161376216432650

101.33.125.241:5555

# Reference: https://twitter.com/drb_ra/status/1616161416871821314

118.194.252.253:9000

# Reference: https://twitter.com/drb_ra/status/1616161595578634242

185.225.74.52:443

# Reference: https://twitter.com/drb_ra/status/1616161643347468288

81.17.31.34:443

# Reference: https://twitter.com/drb_ra/status/1616161796439556098

http://193.149.187.221

# Reference: https://twitter.com/drb_ra/status/1616161893818765312

execsvct.com
as.execsvct.com
qw.execsvct.com
zx.execsvct.com

# Reference: https://twitter.com/drb_ra/status/1616161954149634058

163.123.142.146:8080

# Reference: https://twitter.com/drb_ra/status/1616184094013931524

124.221.169.111:443

# Reference: https://twitter.com/drb_ra/status/1616188093383557120

api.vmwareportal.net

# Reference: https://twitter.com/drb_ra/status/1616288593143627776

23.224.47.199:7801

# Reference: https://twitter.com/drb_ra/status/1616288935419826177

202.182.117.134:8087

# Reference: https://twitter.com/drb_ra/status/1616289166521761792

182.160.0.248:81

# Reference: https://twitter.com/drb_ra/status/1616289377092517888

/Detect/devs/NJYO2MUY4V
/devs/NJYO2MUY4V
/NJYO2MUY4V

# Reference: https://twitter.com/drb_ra/status/1616289564150071298

http://3.29.23.140

# Reference: https://twitter.com/drb_ra/status/1616289981470760964

3.72.8.243:443

# Reference: https://twitter.com/drb_ra/status/1616290188266770432

34.125.128.154:5005
34.125.90.61:5005

# Reference: https://twitter.com/drb_ra/status/1616395697288355841

service-381kylfn-1306620309.bj.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1616395906395389952

avdev.net

# Reference: https://twitter.com/drb_ra/status/1616396930573123591

47.109.47.215:8888

# Reference: https://twitter.com/drb_ra/status/1616397647941705728

121.4.154.240:4000

# Reference: https://twitter.com/drb_ra/status/1616398249727770626

101.43.34.192:8443

# Reference: https://twitter.com/drb_ra/status/1616399191307165696

43.138.13.139:7777

# Reference: https://twitter.com/drb_ra/status/1616400082160558080

us-central1-workers-373921.cloudfunctions.net

# Reference: https://twitter.com/drb_ra/status/1616401909232926720

1.117.117.162:8888

# Reference: https://twitter.com/drb_ra/status/1616402521517342722

service-955koung-1259774614.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1616402816590925824

1.14.198.89:8022

# Reference: https://twitter.com/drb_ra/status/1616403010195787777

124.223.94.162:81

# Reference: https://twitter.com/drb_ra/status/1616404029415854081

162.14.107.239:8443

# Reference: https://twitter.com/drb_ra/status/1616404363030794247

d2vd3rtal66yy0.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1616406753314217984

d2keqa7g0xnve6.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1616460102852116480

http://213.32.75.32

# Reference: https://twitter.com/drb_ra/status/1616461173259386882

5.30.208.67:8081
labs.codegreen.ae

# Reference: https://twitter.com/drb_ra/status/1616464557244825602

1.117.117.162:443

# Reference: https://twitter.com/drb_ra/status/1616524127250120709
# Reference: https://twitter.com/drb_ra/status/1616524459464167425

http://104.168.140.53
104.168.140.53:443

# Reference: https://twitter.com/drb_ra/status/1616524248465477634

http://51.75.252.112

# Reference: https://twitter.com/drb_ra/status/1616524325678419968

168.119.110.211:2233

# Reference: https://twitter.com/drb_ra/status/1616524719519399947

185.62.58.53:3389

# Reference: https://twitter.com/drb_ra/status/1616524800154902528

mizu.re.mxlwa.re

# Reference: https://www.virustotal.com/gui/file/cca7d7fe63d6e9117b0a219d197ae41be7fae025315bde81f2b0514619e19f08/detection

http://51.75.252.112

# Reference: https://twitter.com/drb_ra/status/1616525062600884228

78.128.112.196:443

# Reference: https://twitter.com/drb_ra/status/1616547079614070785

124.222.105.70:6789

# Reference: https://twitter.com/drb_ra/status/1616547681878376448

150.158.54.124:60001

# Reference: https://twitter.com/drb_ra/status/1616630966243545089

3.92.113.197:8083

# Reference: https://twitter.com/drb_ra/status/1616631587403141122

http://118.31.36.92

# Reference: https://twitter.com/drb_ra/status/1616850916505784320

182.92.67.97:8443

# Reference: https://twitter.com/drb_ra/status/1616884466621812736

konacrothasdt.xyz

# Reference: https://twitter.com/drb_ra/status/1616884861314207745

appsvpnhosting.shop

# Reference: https://twitter.com/drb_ra/status/1616979585886814209

3.125.53.184:443

# Reference: https://twitter.com/drb_ra/status/1616979642044268544

185.19.212.117:443

# Reference: https://twitter.com/drb_ra/status/1616979803151777792

103.74.192.114:2052
pdtrojans.xyz
cs.pdtrojans.xyz

# Reference: https://twitter.com/drb_ra/status/1616980274167832579

mcfupdateonline.cloud

# Reference: https://twitter.com/drb_ra/status/1616980346737664000

180.76.154.33:443

# Reference: https://twitter.com/drb_ra/status/1617144321936859136

myjqueryss.com

# Reference: https://twitter.com/drb_ra/status/1617153017005973504

61.170.252.220:7001

# Reference: https://twitter.com/drb_ra/status/1617242206791663617

140.143.232.178:81

# Reference: https://twitter.com/drb_ra/status/1617242291923558401

http://107.151.195.11

# Reference: https://twitter.com/drb_ra/status/1617242865708503041

103.234.72.253:7799

# Reference: https://twitter.com/drb_ra/status/1617271197758005248

1.117.115.142:443

# Reference: https://twitter.com/drb_ra/status/1617271656950693889

47.103.36.44:8443

# Reference: https://twitter.com/drb_ra/status/1617272296778915854

http://1.117.115.142

# Reference: https://twitter.com/drb_ra/status/1617272462860771330

d2h7014tid4d1y.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1617353791623274498
# Reference: https://twitter.com/drb_ra/status/1617528583504949256

3.92.113.197:8082
/discussion/mayo-clinic-radio-als/
/hubcap/mayo-clinic-radio-full-shows/

# Reference: https://twitter.com/drb_ra/status/1617353978689323011

3.92.113.197:8084

# Reference: https://twitter.com/drb_ra/status/1617354020611395584

66.112.219.122:14443
8.214.108.207:14443

# Reference: https://twitter.com/drb_ra/status/1617354320587931648

208.67.105.87:12338

# Reference: https://twitter.com/drb_ra/status/1617354497512165377

44.201.225.29:443

# Reference: https://twitter.com/drb_ra/status/1617354524401799174

45.12.253.139:443

# Reference: https://twitter.com/drb_ra/status/1617486236360253441

http://35.88.90.115

# Reference: https://twitter.com/drb_ra/status/1617487042388131840

77.73.134.51:8888

# Reference: https://twitter.com/drb_ra/status/1617522768979054592

drgb74ojbgxg7.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1617620892837679118

88.119.175.149:9999

# Reference: https://twitter.com/drb_ra/status/1617621572327464971

vd-ntds.com

# Reference: https://twitter.com/drb_ra/status/1617621857133289479

konactoratec.xyz

# Reference: https://twitter.com/drb_ra/status/1617622152382906368

137.220.135.199:6789
137.220.135.206:6789

# Reference: https://twitter.com/drb_ra/status/1617622909064732680

208.67.105.87:13443

# Reference: https://twitter.com/drb_ra/status/1617624921894518786

137.220.135.199:6789
137.220.135.200:6789

# Reference: https://twitter.com/drb_ra/status/1617728587913728001

101.43.129.115:443

# Reference: https://twitter.com/drb_ra/status/1617847722282819584

119.29.82.40:8053

# Reference: https://twitter.com/drb_ra/status/1617848925741875201

d2r7zxxp94uuq9.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1617849670604054536

f3y9p9s3.stackpathcdn.com

# Reference: https://twitter.com/drb_ra/status/1617913044356546561
# Reference: https://twitter.com/drb_ra/status/1617914014247407616

http://185.175.156.42
185.175.156.42:443

# Reference: https://twitter.com/drb_ra/status/1618036773161926657

43.138.215.2:8001

# Reference: https://twitter.com/drb_ra/status/1618036969442795521

3.92.113.197:48888

# Reference: https://twitter.com/drb_ra/status/1618038425294094336

http://81.19.136.235

# Reference: https://twitter.com/drb_ra/status/1618041035514314752

donkertalsu.com
ww1.donkertalsu.com

# Reference: https://twitter.com/drb_ra/status/1618236328138756096

47.95.149.125:90

# Reference: https://twitter.com/drb_ra/status/1618269371247329280

34.125.190.77:5005

# Reference: https://twitter.com/drb_ra/status/1618273572669071361

3.29.24.212:443

# Reference: https://twitter.com/drb_ra/status/1618376515585982465

mediasmarkets.com

# Reference: https://twitter.com/drb_ra/status/1618380459892785154

http://3.122.234.72
http://3.73.0.134

# Reference: https://twitter.com/drb_ra/status/1618382706366185474

43.143.211.165:443

# Reference: https://twitter.com/drb_ra/status/1618383163541131266

216.146.25.20:443

# Reference: https://twitter.com/drb_ra/status/1618383532228755456

107.151.203.95:10002

# Reference: https://twitter.com/drb_ra/status/1618384502841122816

47.92.126.214:8888

# Reference: https://twitter.com/drb_ra/status/1618385057269391367

54.237.85.77:8888

# Reference: https://twitter.com/drb_ra/status/1618569943133347840

108.62.118.114:443
pesobuw.com
/make/v3.54/UF59OFOW3OXS
/v3.54/UF59OFOW3OXS
/UF59OFOW3OXS

# Reference: https://twitter.com/drb_ra/status/1618718496572981248

192.52.167.24:8443

# Reference: https://twitter.com/drb_ra/status/1618719374386372633

http://195.189.96.249

# Reference: https://twitter.com/drb_ra/status/1618719677642940426

195.189.96.249:443

# Reference: https://twitter.com/drb_ra/status/1618721123864125443

http://51.254.53.1

# Reference: https://twitter.com/drb_ra/status/1618722079733387265

139.162.199.96:443

# Reference: https://twitter.com/drb_ra/status/1618722613638856704

d3w0arvvki19jt.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1618724051463159810

http://51.83.249.117
/Calculate/examples/EAR93XJHI8
/examples/EAR93XJHI8
/EAR93XJHI8

# Reference: https://twitter.com/drb_ra/status/1618727685408145408

leeetmainchek.workers.dev
helloworld.leeetmainchek.workers.dev

# Reference: https://twitter.com/drb_ra/status/1618736028721758208

3.29.24.212:8080

# Reference: https://twitter.com/drb_ra/status/1618737973599543300

http://20.67.44.243

# Reference: https://twitter.com/drb_ra/status/1618739208448872449

3.29.24.212:8081

# Reference: https://twitter.com/drb_ra/status/1618788062758051840

d2k9649bx1yvrv.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1618788326600806402

http://64.44.101.152

# Reference: https://twitter.com/drb_ra/status/1618947450592546816

43.143.211.165:801

# Reference: https://twitter.com/drb_ra/status/1618948663744630784

symprod.ca
proxysg.symprod.ca

# Reference: https://twitter.com/drb_ra/status/1618949725490749440

http://3.90.213.150
/ext-5dkJ19tFufpMZjVJbsWCiqDcclDw/

# Reference: https://twitter.com/drb_ra/status/1618979500867330050

http://216.146.25.20

# Reference: https://twitter.com/drb_ra/status/1618979562515320833

http://217.114.43.145

# Reference: https://twitter.com/drb_ra/status/1619025798916182047

http://47.94.238.50

# Reference: https://twitter.com/drb_ra/status/1619099345625694208

http://147.78.47.131
harudake.com

# Reference: https://twitter.com/drb_ra/status/1619164097530007552

192.3.153.182:4434

# Reference: https://twitter.com/drb_ra/status/1619164413084286982

134.209.38.190:443

# Reference: https://twitter.com/drb_ra/status/1619164684069879813

198.211.48.158:2096
didudidubiubiubiu.top

# Reference: https://twitter.com/drb_ra/status/1619164822062391296

121.5.64.8:4446

# Reference: https://www.virustotal.com/gui/file/a58fcae68d7a19764978ba24bf951dd1bb996d2633df9ed0383aa1baf9e5a4c4/detection

cl0udfr0nt.ga
lb2.cl0udfr0nt.ga

# Reference: https://www.virustotal.com/gui/file/4a67a7525e956bf4b47fb34af353fbeb43a6d16d4ad6fa2cba9a39beabf480ec/detection

service-8oeyubeo-1304571952.gz.apigw.tencentcs.com

# Reference: https://twitter.com/malwrhunterteam/status/1619452161003495425
# Reference: https://www.virustotal.com/gui/file/049812022b61ad8e6ba1bb9002b85d81609359915c4190c017566b0c0aac5230/detection

2c294f07f8835def.azureedge.net
4b19696b6143798f.azureedge.net
d1bxp5cr8ec143.cloudfront.net

# Reference: https://twitter.com/malwrhunterteam/status/1619472742780403719
# Reference: https://www.virustotal.com/gui/file/9fc8b54a4881bea48aaf0fedc8b65e9e9af5748fc7ada765b1f10d470e096e3d/detection

timezonesync.azurewebsites.net
/updatesversion457/get
/updatesversion457/post

# Reference: https://twitter.com/malwrhunterteam/status/1619460241086881792
# Reference: https://www.virustotal.com/gui/file/1a282855bfdfe5a56bf518f4d205a6f2726e694bbcc28bb36ffc69c34c6f470f/detection

d2e2y66ls4z2bg.cloudfront.net

# Reference: https://twitter.com/malwrhunterteam/status/1619456782312812545
# Reference: https://www.virustotal.com/gui/file/9fe8685b382b1b3687a2a924a2c189d67218f5f27868dbd00551ff6d706a4061/detection

d39vd5mao5c3dt.cloudfront.net

# Reference: https://twitter.com/malwrhunterteam/status/1619469269997359109
# Reference: https://www.virustotal.com/gui/file/28e5d7423fa0697c1ce0bd7b56e22c7a6cf60c33f082d32d49cec00e08735b6a/detection

64.227.10.152:8088
hea1t.us
/_/kids/signup/eligible

# Reference: https://www.virustotal.com/gui/file/f0b26f0386b845d772557e41843157d3255bde2a61d4a39e89b387bffe09565a/detection

mozllia.com
cdn.mozllia.com

# Reference: https://twitter.com/malware_traffic/status/1620600623606697985

104.237.219.36:8888
ciruvowuto.com

# Reference: https://twitter.com/KorbenD_Intel/status/1620846352103268353

audelr.com
kaspenskyupdates.com
uranustechsolution.com
0xx3.kaspenskyupdates.com

# Reference: https://twitter.com/ScumBots/status/1621155310626017280
# Reference: https://twitter.com/KorbenD_Intel/status/1621161558234513408
# Reference: https://www.virustotal.com/gui/file/5074fadffe1b3516888f2d5e15f68c20c7db958a2e22238681357773ce169d17/detection

27.122.56.137:443

# Reference: https://twitter.com/0xToxin/status/1622650150932840467

billingservice.hopto.org

# Reference: https://twitter.com/malwrhunterteam/status/1623272169269501953
# Reference: https://www.virustotal.com/gui/file/95f0699e596af882a2a3869c2f3f76ffd9382bf7e3686b28961128869e2c515f/detection

api2-cdn.com

# Reference: https://www.virustotal.com/gui/file/b875ea2d4fc60d0c0bf0404da6591007013cc380f7dcc0f4647e4ef3a6fc95fb/detection

173.255.249.221:7777

# Reference: https://twitter.com/malwrhunterteam/status/1623325614903070722
# Reference: https://www.virustotal.com/gui/file/c749bd4c70d46e3d2f2cfdc0de6b68061a5788bd7ac31239179e256d9f8e6076/detection

datastoreuaedu00121.blob.core.windows.net
human-resources-payslips.azurewebsites.net
host.human-resources-payslips.azurewebsites.net

# Reference: https://www.virustotal.com/gui/file/395771f1b37d20d9693f4719c634b20f990b71a504d7428a3215293e6e8fb8dc/detection

185.163.45.65:3066

# Reference: https://www.virustotal.com/gui/file/0387bb7f33ed59e57ebdbf975dbdcf8bdccbb6120f25ae8e1ee42e192e98ae58/detection

119.91.77.189:666

# Reference: https://www.virustotal.com/gui/file/f6aaaa8a05791e8be629258a453d9c11835c3dfab89d7eba665ff598e46d7091/detection

114.67.215.67:443

# Reference: https://www.virustotal.com/gui/file/3cbb0ffa03a1035fcbfefe3b557a5c1da03570cecf6a0be5e812c48d004ab8fb/detection
# Reference: https://www.virustotal.com/gui/file/841689ef5595692b351c4e1649a3f92a1eb04680108473c60c6971798d66147d/detection

75.127.13.201:3456
75.127.13.201:443

# Reference: https://twitter.com/Kostastsale/status/1623456585224945667
# Reference: https://github.com/pan-unit42/tweets/blob/master/2023-02-08-IOCs-for-Cobalt-Strike-from-IcedID.txt

http://167.172.154.189
thefirstupd.com

# Reference: https://twitter.com/mojoesec/status/1623779980705398788

datamsupd.com
fileitupd.com
firstupd.com
jungoupd.com
morgenupd.com
newageupd.com
neweraupd.com
newstarupd.com
secondoneup.com
secondupd.com
timetoupd.com
waveupd.com

# Reference: https://www.virustotal.com/gui/file/df5835c7c91517ef4cffcd99339413fc009b305a88346760b6da5ec688267dbb/detection
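# Reference: https://www.virustotal.com/gui/file/7ea7e947f0f36984316784bcb0623b02cdd854037155fc4f1ab3c2fa7d718a9e/detection
# Note: 104.21.3.97 and 172.67.153.125 appear to be shared Cloudflare edge addresses (presumably fronting webys.xyz); an IP:port hit alone may belong to an unrelated tenant, so corroborate with the domain before escalating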

104.21.3.97:2096
172.67.153.125:2096
webys.xyz
mail.webys.xyz

# Reference: https://twitter.com/KorbenD_Intel/status/1623738680362913793

boltiev.ru
bonsars.com
oe-konsult.net
ns2.bonsars.com

# Reference: https://twitter.com/TrackerC2Bot/status/1603376581740830720

82.157.148.246:9900
xemintin.com

# Reference: https://twitter.com/TrackerC2Bot/status/1603376583833751553

http://207.148.94.32

# Reference: https://www.virustotal.com/gui/file/267b1740c9f7b6e6bb03a3219bd75d7a901489c12557b6ea1f9a1ae17af77e78/detection

198.199.88.48:8084

# Reference: https://twitter.com/TrackerC2Bot/status/1605090117303107592
# Reference: https://www.virustotal.com/gui/file/bf494f63448040dbc6e29cd5681d44527a2086773d228b4cbf4c81913546e159/detection
# Reference: https://www.virustotal.com/gui/file/620086aa4af2caa9a5f25b9374fdc36c10901381bc07908ad0e741170a801cab/detection

http://43.139.225.176

# Reference: https://www.virustotal.com/gui/file/02bfcf5f600210df4bba85e090f1d9ee4b07a5582029778577700a7340c351cc/detection

172.86.122.207:443

# Reference: https://twitter.com/TrackerC2Bot/status/1605721653224378368

43.138.112.112:8080

# Reference: https://twitter.com/TrackerC2Bot/status/1605812881685094404

123.60.166.51:443
/js/chunk-821b0d42.65a4c4db.js
/chunk-821b0d42.65a4c4db.js

# Reference: https://twitter.com/TrackerC2Bot/status/1606083869752676352

175.178.73.224:9999

# Reference: https://twitter.com/TrackerC2Bot/status/1607262380664274945

cloudsoipak.cf
cdn.cloudsoipak.cf

# Reference: https://twitter.com/TrackerC2Bot/status/1607365794580647939

hakakebero.com

# Reference: https://twitter.com/TrackerC2Bot/status/1607624032345538562

137.184.122.134:4444

# Reference: https://twitter.com/TrackerC2Bot/status/1607805219529703424

172.93.179.45:443
23.106.215.186:443

# Reference: https://twitter.com/TrackerC2Bot/status/1608267276620292096

70.185.229.3:443

# Reference: https://twitter.com/TrackerC2Bot/status/1608801850869833730

104.243.27.251:804

# Reference: https://twitter.com/TrackerC2Bot/status/1612516389763309572

125.37.206.217:443
125.76.247.218:443
139.177.146.152:443
14.29.40.5:443
140.249.60.232:443
172.93.201.120:443

# Reference: https://twitter.com/TrackerC2Bot/status/1612516391021592576

29.22.108.13:443

# Reference: https://twitter.com/TrackerC2Bot/status/1622028893635878913

107.174.27.242:5556

# Reference: https://twitter.com/TrackerC2Bot/status/1617138248245035009

103.20.221.83:8088

# Reference: https://raw.githubusercontent.com/drb-ra/C2IntelFeeds/master/C2_configs/cobaltstrike.json (Jan 2023-Feb 2023)

http://101.35.240.32
http://101.43.122.222
http://103.215.223.119
http://103.87.240.167
http://104.149.131.161
http://104.243.143.71
http://106.75.227.134
http://108.163.207.38
http://108.165.178.42
http://108.165.178.43
http://108.62.118.131
http://109.172.45.111
http://109.172.45.38
http://109.172.45.77
http://109.172.45.85
http://116.62.168.211
http://117.52.18.132
http://119.91.148.9
http://120.46.185.86
http://120.46.199.93
http://120.48.99.90
http://124.220.185.154
http://124.220.198.212
http://124.223.173.83
http://124.223.215.12
http://124.223.22.86
http://124.70.92.91
http://129.150.60.95
http://137.184.10.204
http://139.177.146.20
http://139.9.5.151
http://141.98.10.124
http://143.42.19.99
http://147.78.47.135
http://147.78.47.141
http://154.204.56.251
http://154.7.179.245
http://157.245.153.7
http://162.19.206.0
http://162.241.115.71
http://162.254.200.241
http://163.197.211.154
http://170.39.214.187
http://172.81.62.92
http://173.82.219.37
http://179.43.175.220
http://179.60.147.196
http://18.183.219.26
http://18.184.17.94
http://185.143.223.33
http://185.254.37.251
http://194.102.36.152
http://194.165.16.56
http://194.165.16.90
http://195.123.241.124
http://195.189.96.146
http://198.13.40.190
http://198.211.9.165
http://198.251.68.79
http://198.98.55.58
http://199.195.249.113
http://199.195.251.23
http://20.211.120.220
http://207.148.112.181
http://209.141.36.163
http://209.141.52.22
http://212.118.39.116
http://216.127.164.252
http://23.227.196.194
http://23.227.203.70
http://27.124.40.214
http://27.124.40.215
http://27.124.40.216
http://3.0.188.18
http://3.139.62.192
http://3.84.109.117
http://3.89.10.183
http://34.228.74.244
http://37.220.87.31
http://42.193.23.91
http://43.136.168.94
http://43.140.195.36
http://43.142.18.173
http://43.156.49.251
http://45.61.185.16
http://45.61.185.216
http://45.61.186.121
http://45.61.188.128
http://45.9.74.66
http://45.95.67.211
http://46.161.40.118
http://47.242.164.33
http://47.242.63.91
http://47.90.244.75
http://5.188.86.194
http://51.15.237.189
http://54.157.206.141
http://54.210.2.63
http://70.39.93.88
http://79.141.169.220
http://8.130.9.56
http://81.161.229.111
http://81.68.173.143
http://84.32.34.45
http://87.251.64.176
http://91.215.85.196
http://92.119.157.86
1.13.23.88:443
100.42.70.27:234
101.34.163.3:8888
101.42.89.186:8888
103.127.124.139:2053
103.127.124.139:2083
103.127.124.139:2096
103.142.246.194:8080
103.142.246.194:8443
103.142.246.194:8790
103.215.223.119:443
103.215.81.189:6688
103.227.117.45:8443
103.229.124.219:443
103.241.73.58:443
103.87.240.167:443
104.168.170.88:9090
104.207.152.82:82
104.208.73.11:443
104.237.149.115:8082
104.237.149.115:8088
104.243.143.71:443
106.126.12.87:8808
106.13.1.223:4443
106.75.227.134:443
107.148.130.152:443
107.148.149.21:443
107.151.203.95:20000
107.151.203.95:8088
107.172.208.88:443
107.173.111.16:443
107.174.186.22:6666
108.163.207.38:443
108.165.178.42:443
108.165.178.43:443
108.166.220.43:7001
109.172.45.111:443
109.172.45.38:443
109.172.45.77:443
109.172.45.85:443
109.172.45.85:801
109.192.212.70:9001
110.40.156.53:10086
110.40.227.251:82
110.42.188.52:8199
112.74.177.62:443
114.115.135.149:50050
114.115.218.16:55555
114.84.137.16:7001
116.205.134.239:10003
119.3.12.54:8081
119.45.26.174:8383
119.91.148.9:443
119.91.31.246:60088
119.91.74.118:7999
120.46.185.86:8080
120.48.92.232:59443
120.48.99.90:443
120.77.1.92:8000
120.77.18.249:88
121.196.108.92:5013
121.4.211.243:8888
121.4.57.81:443
121.4.62.215:1433
121.4.62.215:1521
122.10.50.34:8789
122.228.216.75:9527
123.249.31.187:10020
123.58.197.94:8080
124.220.0.89:35585
124.220.185.154:8080
124.221.169.111:8080
124.221.74.201:8888
124.222.129.148:1111
124.222.144.23:12510
124.222.3.42:4445
124.223.31.74:5555
124.223.65.79:8001
124.70.102.47:8888
124.70.130.70:4444
129.150.60.95:8089
13.115.21.133:448
13.224.194.201:443
13.48.54.61:4432
134.209.104.25:4433
137.184.227.180:443
138.124.180.171:8080
138.197.148.29:4433
139.177.146.20:443
140.143.232.178:8089
147.78.47.209:443
149.28.132.30:8089
150.158.160.247:9588
150.158.75.102:18357
152.136.104.49:8080
152.136.227.216:65432
152.136.227.216:6767
154.26.192.11:443
156.232.11.5:443
157.245.153.7:443
157.90.240.174:63443
158.101.144.105:5888
158.247.196.89:8081
159.223.178.111:443
159.253.120.205:443
159.253.120.205:8443
161.117.177.21:400
161.117.177.21:4444
161.35.232.68:443
162.19.155.49:8008
162.19.206.0:443
162.254.200.241:443
163.123.142.237:38080
164.92.138.223:8888
165.232.100.203:443
172.245.129.218:443
175.178.40.166:443
176.113.115.134:10443
176.124.211.37:8080
179.43.156.148:9443
179.43.175.220:443
179.43.187.185:4444
18.163.200.206:443
18.215.245.9:443
18.219.74.140:443
18.223.196.240:443
180.184.84.232:443
184.72.146.182:443
185.112.151.104:443
185.143.223.33:443
185.143.223.33:81
185.143.223.33:88
185.173.34.36:443
185.19.212.125:443
185.22.154.65:8080
185.225.70.147:443
185.25.119.26:443
185.250.148.97:443
185.254.37.182:443
185.254.37.224:443
185.254.37.251:443
188.114.96.3:443
190.123.44.122:443
190.123.44.137:4433
190.123.44.207:443
190.123.44.214:443
192.144.205.168:443
192.210.162.147:4444
192.211.55.118:82
192.3.127.174:2053
192.3.127.174:2087
192.3.127.174:51001
192.3.127.174:51003
192.3.127.174:51004
192.3.127.22:8080
192.3.127.76:443
192.3.223.126:443
193.149.187.131:4431
194.165.16.56:443
194.165.16.57:443
194.165.16.58:8080
194.165.16.95:4444
194.180.49.135:443
194.87.46.87:4433
195.123.241.124:443
195.123.241.124:88
195.189.99.65:999
198.148.104.213:40000
198.211.15.48:7788
198.211.9.165:443
199.195.249.113:443
20.187.105.113:8080
20.190.109.205:443
20.239.161.221:443
201.93.47.22:443
203.69.170.180:2331
209.141.36.163:443
209.141.52.22:443
212.118.39.116:8080
212.193.30.14:443
212.193.30.14:5001
212.193.30.14:8080
212.193.30.15:10443
212.193.30.15:8080
213.252.245.68:443
213.252.246.35:443
216.146.25.49:8443
216.238.70.220:443
216.83.38.235:8000
216.83.46.88:8080
23.105.215.114:443
23.108.57.80:8080
23.227.196.194:443
23.227.203.70:443
23.234.41.225:8081
23.234.41.225:81
23.234.41.226:8081
23.251.60.22:443
23.94.240.207:443
23.94.240.207:8443
23.94.255.18:4431
23.95.67.59:8443
27.124.40.214:443
27.124.40.216:443
3.112.48.183:443
3.22.116.191:443
34.162.78.52:443
34.197.227.138:8082
34.197.227.138:8083
34.197.227.138:8084
34.234.209.157:443
34.245.162.8:443
34.29.37.160:443
35.164.247.19:443
35.168.128.144:443
35.72.110.97:443
35.72.81.198:443
35.75.239.134:443
37.120.146.76:443
37.220.87.31:443
38.54.30.37:2053
38.54.30.37:2083
38.54.30.37:2096
38.54.30.37:8443
39.105.219.32:443
42.193.23.91:8080
43.129.158.87:8082
43.129.158.87:8880
43.129.88.120:63011
43.136.168.94:443
43.136.168.94:8443
43.137.8.159:443
43.142.136.237:443
43.142.18.173:443
43.142.18.173:5000
43.142.18.173:8443
43.153.117.9:4433
43.154.148.145:443
43.156.232.7:2087
43.156.34.251:42424
43.159.43.58:443
45.129.3.134:8443
45.145.230.248:8090
45.145.231.204:666
45.227.253.238:10000
45.32.121.12:8443
45.32.157.106:2083
45.32.33.17:443
45.56.100.192:9090
45.61.184.196:2095
45.61.185.216:443
45.61.186.108:4433
45.61.186.121:443
45.61.188.128:443
45.63.26.240:443
45.63.26.240:888
45.88.221.91:808
45.9.74.66:443
46.161.40.118:443
47.100.215.156:443
47.106.193.75:7777
47.241.255.31:2080
47.241.255.31:4444
47.242.164.33:443
47.243.185.202:8099
47.244.167.171:4545
47.94.238.50:443
47.96.184.29:443
49.234.35.197:8079
5.181.86.249:4433
5.188.86.194:445
5.188.86.194:8088
5.57.245.135:7081
51.15.237.189:443
51.254.53.1:443
52.39.206.235:443
52.91.134.155:8080
54.210.2.63:443
54.235.244.75:443
54.248.1.227:4433
54.69.132.184:443
54.69.132.184:4430
64.176.37.78:5678
67.207.90.203:443
68.183.233.250:443
69.176.94.39:6666
70.39.93.88:443
8.210.56.76:8888
8.219.59.49:443
81.161.229.111:4433
81.161.229.134:443
81.161.229.168:10000
81.161.229.168:443
81.70.11.25:9999
82.156.177.149:443
82.157.62.138:2095
82.157.62.138:801
82.157.62.138:8881
83.217.11.21:443
84.247.51.87:10443
84.32.131.91:443
84.32.131.91:8080
84.32.131.91:8443
84.32.188.75:443
84.32.34.45:443
84.32.34.45:88
87.251.64.176:443
88.119.161.139:443
88.119.169.235:443
91.215.85.143:443
91.215.85.196:443
92.119.157.86:443
92.255.85.150:443
92.255.85.169:443
94.102.49.104:4433
96.43.99.82:6001
0xx1.kaspenskyupdates.com
139180215100.b-cdn.net
1424080362cf2a692e20.b-cdn.net
15bfd60aaa0965a2a710.b-cdn.net
19d8b02c1a4cbe695e00.b-cdn.net
1cd865e347ad36e8.azureedge.net
appdevtechnology.com
aspnetcenter.com
astradamus.com
beeffun.workers.dev
bx7jwhkpb4.execute-api.us-east-1.amazonaws.com
chinamobile.space
chrome-update.beeffun.workers.dev
cloudupdatesoft.online
contentdirect-gkcpe7cwafa0f7d7.z01.azurefd.net
contentnonprod.azureedge.net
cs-endpoint-hmb2bad8bkdwd2b0.z01.azurefd.net
cs45.meiiqia.com
d1mxovbic5u3wv.cloudfront.net
d3llu4686fshym.cloudfront.net
data.bytedance.net.cdn.dnsv1.com
didimutele.com
dobbyisfreeeee.com
dp0kuiftynn0b.cloudfront.net
drc6ebhco4cva.cloudfront.net
easy-dns.lol
engie.red
f495b6ab9dcf8d3b.info
fb1.me
financeht.com
fzupdate.com
google-dns.cloud
hayneselden.com
icy-bar-c375.microsoft-updatas.workers.dev
k597s.cn110.xyz
kali.arrenal.com
kani-cn.bytedance.net.cdn.dnsv1.com.cn
kekpook1337.workers.dev
kit18.kekpook1337.workers.dev
leinabetz.com
lelele.barycallebaut.co
lordgitcash.com
microsofe.xyz
microsoft-updatas.workers.dev
mwe.azureedge.net
nevergonnagiveyouup.us
nxsimdevelop.com
pj.flyvpncrack.com
player.hkdd.me
players.u2pic.us
playfish.fun
prod.risio.co.in
qw.svcshosvt.com
redir1.nevergonnagiveyouup.us
resolve-address.ddns.net
rubanojean.workers.dev
rubanojeansup.com
sermifleksiks.com
service-11ghje19-1301390598.sh.apigw.tencentcs.com
service-8gyxqgnf-1304181841.bj.apigw.tencentcs.com
service-98cbalut-1302394400.sh.apigw.tencentcs.com
service-center.club
service-cetz3fn1-1308943111.sh.apigw.tencentcs.com
service-cmgfmgrw-1301382485.nj.apigw.tencentcs.com
service-el84p2u9-1304765474.sh.apigw.tencentcs.com
service-mltm6xvs-1304585582.gz.apigw.tencentcs.com
service-nwokv82p-1258426110.sh.apigw.tencentcs.com
service-o4vr732h-1315517919.sh.apigw.tencentcs.com
shop.souhus.top
sso.sermifleksiks.com
submitgoogleurl.com
talulime.com
thxx.link
trialstreak.com
vpn-pulsesecure.com
war3.u2pic.us
weatherservice.rubanojean.workers.dev
windowsupdate-cdn.click
zh-cn.imags.microsoft.com.w.kunlunca.com
zocekah.com
/8Qmq7DgdDLnRLmYsyV5t4
/cAaQlfryh/8Qmq7DgdDLnRLmYsyV5t4
/safebrowsing/cAaQlfryh/
/safebrowsing/cAaQlfryh/8Qmq7DgdDLnRLmYsyV5t4
/Anticipate/command/4ASA63GX3IX
/Forge/logs/2WP2X20YGPOI
/command/4ASA63GX3IX
/logs/2WP2X20YGPOI
/2WP2X20YGPOI
/4ASA63GX3IX

# Reference: https://twitter.com/drb_ra/status/1625475133904244736

182.61.6.63:9999

# Reference: https://twitter.com/drb_ra/status/1625483852272525312

leshkogrier.com

# Reference: https://twitter.com/drb_ra/status/1625485155346354179

120.48.92.232:60443

# Reference: https://twitter.com/drb_ra/status/1625485396804046850

179.43.156.146:9443

# Reference: https://twitter.com/drb_ra/status/1625481945768513536

121.199.0.54:9988

# Reference: https://twitter.com/drb_ra/status/1625481036401414148

kadltt.top

# Reference: https://twitter.com/drb_ra/status/1625480377627295746

81.161.229.119:10443

# Reference: https://twitter.com/drb_ra/status/1625479695511785473

114.116.101.84:89
82.157.161.99:89

# Reference: https://twitter.com/drb_ra/status/1625479500107509760

81.69.96.149:8089

# Reference: https://twitter.com/drb_ra/status/1625479333660729349

lion3.life

# Reference: https://twitter.com/drb_ra/status/1625479131197583361

152.136.227.216:20443

# Reference: https://twitter.com/drb_ra/status/1625478300733775874

91.240.118.212:82

# Reference: https://twitter.com/drb_ra/status/1625476925517926401

47.100.37.216:8880
googlesupport.tk
net.googlesupport.tk

# Reference: https://twitter.com/drb_ra/status/1625476138851045384

88.218.193.100:443

# Reference: https://twitter.com/drb_ra/status/1625475177529151489

femaleaders.azureedge.net
watsoncti.azureedge.net
/686c6c647a/api-get

# Reference: https://twitter.com/drb_ra/status/1625504813818728448

158.247.196.89:8082

# Reference: https://twitter.com/drb_ra/status/1625504919531970561

198.13.40.190:10086

# Reference: https://twitter.com/drb_ra/status/1625505152739442688

http://171.22.30.252

# Reference: https://twitter.com/drb_ra/status/1625505339230638081

http://194.147.98.95

# Reference: https://twitter.com/drb_ra/status/1625505426904055810

185.143.223.38:3389

# Reference: https://twitter.com/drb_ra/status/1625505882816610305

8.210.158.189:443

# Reference: https://twitter.com/drb_ra/status/1625506836999725056

1.13.175.57:8081

# Reference: https://twitter.com/drb_ra/status/1625508186324180997

http://185.143.223.38

# Reference: https://twitter.com/drb_ra/status/1625508474477068290

193.134.209.59:8072

# Reference: https://twitter.com/malwrhunterteam/status/1624514945667805185
# Reference: https://www.virustotal.com/gui/file/6e5818b5b2f2003d3db53df1a663eea1cbff73e77691727670acef71132626cc/detection

trace.azureedge.net
/compare/v1.44/VXK7P0GBE8
/Construct/v1.85/JDX894ZM2WF1
/v1.44/VXK7P0GBE8
/v1.85/JDX894ZM2WF1
/JDX894ZM2WF1
/VXK7P0GBE8

# Reference: https://twitter.com/KorbenD_Intel/status/1625587617113726977

brosift.com

# Reference: https://twitter.com/drb_ra/status/1625583464828264456

108.166.220.43:7443

# Reference: https://twitter.com/drb_ra/status/1625583498361724929

147.182.162.157:443

# Reference: https://twitter.com/drb_ra/status/1625583542846603265

http://81.71.162.183

# Reference: https://twitter.com/drb_ra/status/1625583581425721348
# Reference: https://twitter.com/drb_ra/status/1625583753379688448

http://104.218.236.112
104.218.236.112:443

# Reference: https://twitter.com/drb_ra/status/1625583624199233554

http://45.76.155.209

# Reference: https://twitter.com/drb_ra/status/1625583844811218944

91.215.85.196:8080

# Reference: https://twitter.com/drb_ra/status/1625583867884101638

18.134.98.91:443

# Reference: https://twitter.com/drb_ra/status/1625583959743643648

http://5.181.159.33

# Reference: https://twitter.com/drb_ra/status/1625584003783745541

23.224.42.12:8080

# Reference: https://twitter.com/drb_ra/status/1625584071890853910

http://79.124.59.134

# Reference: https://twitter.com/drb_ra/status/1625584228602720256

103.20.221.83:81

# Reference: https://twitter.com/drb_ra/status/1625584278409994241
# Reference: https://www.virustotal.com/gui/file/3706c30ebe13477bd2b1b0e03cd9739f5279e6bff907eeb4370765c376552293/detection

23.105.200.192:888

# Reference: https://twitter.com/drb_ra/status/1625584301570940933

43.163.220.245:8081

# Reference: https://twitter.com/drb_ra/status/1625584336425607184

studious.australiaeast.cloudapp.azure.com
/Upload/v9.6/NSUL07BW4V
/v9.6/NSUL07BW4V
/NSUL07BW4V

# Reference: https://twitter.com/drb_ra/status/1625584364489695245

43.135.157.217:8443

# Reference: https://twitter.com/drb_ra/status/1625584393837223937

122.10.13.45:8789

# Reference: https://twitter.com/drb_ra/status/1625584436283596803

http://149.28.23.113

# Reference: https://twitter.com/drb_ra/status/1625623431424143363

91.240.118.212:84

# Reference: https://twitter.com/drb_ra/status/1625627699124355072

150.158.75.102:14435

# Reference: https://twitter.com/drb_ra/status/1625628472331718657

114.115.240.129:444

# Reference: https://twitter.com/drb_ra/status/1625628528585715718

51.79.230.42:443

# Reference: https://twitter.com/drb_ra/status/1625631869554286594

82.157.173.159:7778

# Reference: https://twitter.com/drb_ra/status/1625681718102446083

http://155.138.134.252

# Reference: https://twitter.com/drb_ra/status/1625681911476633600

1.13.253.248:2083
microsoft-upgrade-cdn.com

# Reference: https://twitter.com/drb_ra/status/1625682070792970240

93.115.27.11:443
clicks-track.info

# Reference: https://twitter.com/drb_ra/status/1625682187029733376

http://3.238.187.130
http://3.89.195.4

# Reference: https://twitter.com/drb_ra/status/1625682307863531521

1.116.3.85:443

# Reference: https://twitter.com/drb_ra/status/1625682604371369986

154.39.157.8:443

# Reference: https://twitter.com/drb_ra/status/1625684583172784128

vehucabuc.com

# Reference: https://twitter.com/drb_ra/status/1625836997901266949

185.143.223.38:443

# Reference: https://twitter.com/drb_ra/status/1625845885161685000

124.221.246.224:4433

# Reference: https://twitter.com/drb_ra/status/1625862506718584833

108.62.141.243:443
rikukof.com
/Communicate/v1.85/H4J1K7PAI5
/v1.85/H4J1K7PAI5
/H4J1K7PAI5

# Reference: https://twitter.com/drb_ra/status/1625863859788554240

64.44.102.195:443
95.168.191.239:443

# Reference: https://twitter.com/drb_ra/status/1625864276442329088

http://176.113.115.44

# Reference: https://twitter.com/drb_ra/status/1625864366619852800

sykxbelpzft6.com
pw.sykxbelpzft6.com

# Reference: https://twitter.com/drb_ra/status/1625864578402770946

103.30.17.40:443

# Reference: https://twitter.com/drb_ra/status/1625865142561808387

176.113.115.44:443

# Reference: https://twitter.com/drb_ra/status/1625865509982941185

86.106.102.135:443

# Reference: https://twitter.com/drb_ra/status/1625865887478685697

178.79.157.195:443

# Reference: https://twitter.com/drb_ra/status/1625866278857588736

159.223.190.172:4444

# Reference: https://twitter.com/drb_ra/status/1625866515747684354

172.245.129.218:2087
flyvpncrack.com
pj.flyvpncrack.com

# Reference: https://twitter.com/drb_ra/status/1625866730957418498

http://106.12.128.48

# Reference: https://twitter.com/drb_ra/status/1625867828594089985

185.143.223.38:88

# Reference: https://twitter.com/drb_ra/status/1625892730596474880

3.236.86.244:443

# Reference: https://twitter.com/drb_ra/status/1625892866986848260

http://39.98.57.111

# Reference: https://twitter.com/Gi7w0rm/status/1625645124247076870
# Reference: https://www.zscaler.com/blogs/security-research/havoc-across-cyberspace
# Reference: https://www.virustotal.com/gui/file/dba614a3b64db6ab346bf37683a9d13b5013fb4b7def2acdd8a697d26b62e48d/detection
# Reference: https://www.virustotal.com/gui/file/f577e247a29f74cf5517d47cc4821dc4d087cb96d5456ebb2f6f858dbe828ccd/detection
# Reference: https://www.virustotal.com/gui/file/ccb6d9742cf9329f2cb8030a25be663d098878ece7ffcfaa483b50856ad3c08e/detection
# Reference: https://www.virustotal.com/gui/file/c9a395ec3fb69e124c672823333ec165fce21a5773618153bc251cc8b2503dc4/detection
# Reference: https://www.virustotal.com/gui/file/b19f1eb30638f1f4695fe0741a1ccdb8ce0aa78b6ea343b4799a64ca1f1b1971/detection
# Reference: https://www.virustotal.com/gui/file/aea22bdf30f2b5ece1f867d4193ddbf48a5e8ebf812d9b7586db4aa54f1abf5d/detection

http://146.190.48.229
146.190.48.229:2323
146.190.48.229:3939
146.190.48.229:6963
146.190.48.229:7777
146.190.48.229:9797
ttwweatterarartgea.ga

# Reference: https://www.virustotal.com/gui/file/8337ea3394a7a19ecb6685063a3ba262d2fb7d4d0d2f7ef553acc9a87b196859/detection

http://45.11.180.179

# Reference: https://www.virustotal.com/gui/file/f5725eca4691c1a28195e928d91534c7ae551890b9d54a965c6727f825bced9e/detection

185.212.44.119:443

# Reference: https://twitter.com/StopMalvertisin/status/1626111064088932353
# Reference: https://www.virustotal.com/gui/file/51e1869c47de3f24768378c7a38b5549ddd5f551bee9236960453d17795475a9/detection

43.138.225.160:9088

# Reference: https://twitter.com/drb_ra/status/1625987882866429956

updates.boomshaka.online
updates.boomshaka.online.dsa.dnsv1.com.cn

# Reference: https://twitter.com/drb_ra/status/1625991094889480192

sideq500.net
sec.sideq500.net

# Reference: https://twitter.com/drb_ra/status/1625991237030354946

http://103.30.17.40

# Reference: https://twitter.com/drb_ra/status/1626042494692777985
# Reference: https://twitter.com/drb_ra/status/1626042497490120704

0c422952587f892b.azureedge.net
dnht95ajef6hr.cloudfront.net
/safebrowsing/RQXcm/nbpp4qlDy-S9TfjlCq7rXcxoFzlNfhlf71IfORkTuih
/RQXcm/nbpp4qlDy-S9TfjlCq7rXcxoFzlNfhlf71IfORkTuih
/nbpp4qlDy-S9TfjlCq7rXcxoFzlNfhlf71IfORkTuih

# Reference: https://twitter.com/drb_ra/status/1626042883353505792

34.125.246.149:5005

# Reference: https://twitter.com/drb_ra/status/1626047271040155654
# Reference: https://twitter.com/drb_ra/status/1626047661034901508

http://23.106.215.138
23.106.215.138:8080
benagineko.com
/Communicate/press/W55M1MYWAKXC
/press/W55M1MYWAKXC
/W55M1MYWAKXC

# Reference: https://twitter.com/drb_ra/status/1626166168003158016

23.108.57.162:443
maxarusok.com
/def/about_us/0AUMIAY4OU
/about_us/0AUMIAY4OU
/0AUMIAY4OU

# Reference: https://twitter.com/drb_ra/status/1626302831622848514

mmmooo.cpolar.top

# Reference: https://twitter.com/drb_ra/status/1626203566036639746
# Reference: https://twitter.com/drb_ra/status/1626208637117931521

144.34.189.30:83
144.34.189.30:8443

# Reference: https://twitter.com/drb_ra/status/1626205986175299584

1.65.218.184:8023

# Reference: https://twitter.com/drb_ra/status/1626207416940478464

service-k791lpuo-1306177445.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1626230967869542403

118.194.230.222:8443

# Reference: https://twitter.com/drb_ra/status/1626231053810798597

microsoftservice.ml

# Reference: https://twitter.com/drb_ra/status/1626231517684039683

192.227.155.185:443

# Reference: https://twitter.com/drb_ra/status/1626232124293656576

http://95.179.182.214

# Reference: https://twitter.com/drb_ra/status/1626232518923161601
# Reference: https://twitter.com/drb_ra/status/1626232722695016449

103.234.72.215:443
103.234.72.28:443
103.234.72.99:8443
down.localhost-microsoft.com
download.localhost-microsoft.com

# Reference: https://twitter.com/drb_ra/status/1626232645117181952

http://185.81.68.195

# Reference: https://twitter.com/drb_ra/status/1626232940031250434

http://150.158.55.102

# Reference: https://twitter.com/drb_ra/status/1626233499912138754

imvcatool.com

# Reference: https://twitter.com/drb_ra/status/1626234172288430083

207.246.125.55:8081

# Reference: https://twitter.com/drb_ra/status/1626302881124024324

103.185.249.52:9090

# Reference: https://twitter.com/drb_ra/status/1626302905568329729

buyer.techagencyinc.com

# Reference: https://twitter.com/drb_ra/status/1626302975508459534

185.249.225.197:8443

# Reference: https://twitter.com/drb_ra/status/1626303061458051076

46.161.27.152:443

# Reference: https://twitter.com/drb_ra/status/1626303295953244164

37.1.211.184:443

# Reference: https://twitter.com/drb_ra/status/1626303352127512578

5.181.159.96:8080

# Reference: https://twitter.com/drb_ra/status/1626303398021660672

http://45.136.15.252

# Reference: https://twitter.com/drb_ra/status/1626303435195707392

43.136.134.43:443

# Reference: https://twitter.com/drb_ra/status/1626303456158879746

http://1.15.120.10

# Reference: https://twitter.com/drb_ra/status/1626303558080503808

5.183.81.215:443

# Reference: https://twitter.com/drb_ra/status/1626303617199112194

http://101.34.156.11

# Reference: https://twitter.com/drb_ra/status/1626312327573258242

107.172.206.242:9990

# Reference: https://twitter.com/drb_ra/status/1626312860501438465

42.192.195.250:4567

# Reference: https://twitter.com/drb_ra/status/1626316228628213761

139.99.118.61:443

# Reference: https://twitter.com/drb_ra/status/1626318304817082368

http://47.100.215.156

# Reference: https://twitter.com/drb_ra/status/1626319008952684544

182.61.147.36:443

# Reference: https://twitter.com/KorbenD_Intel/status/1626752710308397056

paymentproces.live

# Reference: https://twitter.com/drb_ra/status/1626346795721793537

179.43.162.6:443

# Reference: https://twitter.com/drb_ra/status/1626349611018293249

95.179.182.214:9003

# Reference: https://twitter.com/drb_ra/status/1626351438501650433

43.143.191.86:443

# Reference: https://twitter.com/drb_ra/status/1626354139679625218

108.165.178.42:8080

# Reference: https://twitter.com/drb_ra/status/1626356860839161856

150.158.55.102:443

# Reference: https://twitter.com/drb_ra/status/1626357034147844104

http://37.1.211.184

# Reference: https://twitter.com/drb_ra/status/1626358051165941765

cloudstoreone.online

# Reference: https://twitter.com/drb_ra/status/1626407758051278849

124.70.100.184:443

# Reference: https://twitter.com/drb_ra/status/1626409577452281857

43.153.74.22:8000

# Reference: https://twitter.com/drb_ra/status/1626409600898502657

108.62.141.243:8080

# Reference: https://twitter.com/drb_ra/status/1626409840267481089

http://23.108.57.162

# Reference: https://twitter.com/drb_ra/status/1626553209757089795

47.95.149.125:8443

# Reference: https://twitter.com/drb_ra/status/1626554110693482496

45.32.20.185:443

# Reference: https://twitter.com/drb_ra/status/1626558875712331777

123.60.165.221:443

# Reference: https://twitter.com/drb_ra/status/1626560141104496640

179.43.156.134:9443

# Reference: https://twitter.com/drb_ra/status/1626642751314968576

43.142.68.138:5672

# Reference: https://twitter.com/drb_ra/status/1626643280988340224

43.138.121.8:8080

# Reference: https://twitter.com/drb_ra/status/1626643606478983171

95.179.141.84:443
roodmawell.com

# Reference: https://twitter.com/drb_ra/status/1626561846089072641

47.100.164.90:1234

# Reference: https://twitter.com/drb_ra/status/1626564430182989824

114.55.90.86:9999

# Reference: https://twitter.com/drb_ra/status/1626586779062247424

217.30.10.215:444

# Reference: https://twitter.com/drb_ra/status/1626586846573760512

103.234.72.26:8081

# Reference: https://twitter.com/drb_ra/status/1626587020603850754

185.81.68.195:445

# Reference: https://twitter.com/drb_ra/status/1626587203903295491

139.144.188.75:8082

# Reference: https://twitter.com/drb_ra/status/1626587243774377984

103.234.72.99:443

# Reference: https://twitter.com/drb_ra/status/1626587349852512256

139.144.188.75:48888

# Reference: https://twitter.com/drb_ra/status/1626587383889293312

136.244.111.57:443

# Reference: https://twitter.com/drb_ra/status/1626587458489192451

108.165.178.43:8090

# Reference: https://twitter.com/drb_ra/status/1626587739570450435

http://159.223.190.172

# Reference: https://twitter.com/drb_ra/status/1626588377083695106

139.144.188.75:8088

# Reference: https://twitter.com/drb_ra/status/1626589315752132611

108.165.178.42:8090

# Reference: https://twitter.com/drb_ra/status/1626589376997388293

85.204.116.166:8443

# Reference: https://twitter.com/drb_ra/status/1626589626134851586

cc.sncyhkttp.nl

# Reference: https://twitter.com/drb_ra/status/1626640908375453696

inspire.azureedge.net

# Reference: https://twitter.com/drb_ra/status/1626641304758194188
# Reference: https://twitter.com/drb_ra/status/1626769833298731009

minrosoftupdate.com
s172.minrosoftupdate.com
s173.minrosoftupdate.com
winlog02.micnosoftupdates.com
winlog03.micnosoftupdates.com

# Reference: https://twitter.com/drb_ra/status/1626642301928759296

47.100.131.229:8001

# Reference: https://twitter.com/drb_ra/status/1626644572993425433

95.179.141.84:443
roodmawell.com

# Reference: https://twitter.com/drb_ra/status/1626644572993425433

119.3.173.115:18081

# Reference: https://twitter.com/drb_ra/status/1626645201866395660

86.38.217.13:5454

# Reference: https://twitter.com/drb_ra/status/1626647260992835597

galspost.com
/apply/admin_/99ZSSAHDH
/admin_/99ZSSAHDH
/99ZSSAHDH

# Reference: https://twitter.com/drb_ra/status/1626650630558257170

http://5.75.248.69

# Reference: https://twitter.com/drb_ra/status/1626652362667397126

8.134.63.69:443

# Reference: https://twitter.com/drb_ra/status/1626652541319581716

42.193.218.36:60001

# Reference: https://twitter.com/drb_ra/status/1626654042821632000

185.81.68.195:443

# Reference: https://twitter.com/drb_ra/status/1626654106944213011

103.234.72.28:8443

# Reference: https://twitter.com/drb_ra/status/1626655626074984449

http://3.76.214.24

# Reference: https://twitter.com/drb_ra/status/1626655968418271233

/s/m-KgYo0qAJMhixt4lUjJNmgxrnN0UerjH/field-keywords/
/s/m-KgYo0qAJMhixt4lUjJNmgxrnN0UerjH/
/m-KgYo0qAJMhixt4lUjJNmgxrnN0UerjH/field-keywords/
/m-KgYo0qAJMhixt4lUjJNmgxrnN0UerjH/

# Reference: https://twitter.com/drb_ra/status/1626672323376869378

128.199.80.168:8848

# Reference: https://twitter.com/drb_ra/status/1626672400166182926

45.81.128.195:443

# Reference: https://twitter.com/drb_ra/status/1626672466582986770

16.162.120.141:8188

# Reference: https://twitter.com/drb_ra/status/1626672642353684491

shoppie.online
algoliaplaces.arsvmcloud.com
jquery.shoppie.online
/record/v3.87/UCH6V934F
/v3.87/UCH6V934F
/UCH6V934F

# Reference: https://www.virustotal.com/gui/file/cf434eed9770be58e72296a5c74a8e9f649260fb2681ad7a6c31d43eb7892d10/detection
# Reference: https://www.virustotal.com/gui/file/6b7950511fcce03873ec763f037d8c1e225f77e3da687aa5d82957ffb947d8e9/detection

msazure-api-us.arsvmcloud.com

# Reference: https://www.virustotal.com/gui/file/8b3b1ce121fa774f06c03f606c0ff4a9ca4646121b47c227104ab11f7982cdf5/detection

trendmicro.arsvmcloud.com

# Reference: https://twitter.com/drb_ra/status/1626672701770194959

47.88.88.59:8090

# Reference: https://twitter.com/drb_ra/status/1626672862386872337

2.58.87.57:8080

# Reference: https://twitter.com/drb_ra/status/1626673209176121354

5.181.159.79:8443

# Reference: https://twitter.com/drb_ra/status/1626673209176121354

5.181.159.79:8443
mcuweb.cf
testxx.mcuweb.cf

# Reference: https://twitter.com/drb_ra/status/1626674436467220489

88.214.27.53:50006

# Reference: https://twitter.com/drb_ra/status/1626773458339102725

http://23.108.57.80

# Reference: https://twitter.com/drb_ra/status/1626774194221629441

43.142.99.228:8123

# Reference: https://twitter.com/drb_ra/status/1626775718016212995

1.13.82.101:443
/jquery-3.3.2.N2cQ4mXdZ4nIo9XIhttp.min.js

# Reference: https://twitter.com/drb_ra/status/1626775796198023170

175.178.151.92:443

# Reference: https://twitter.com/malwrhunterteam/status/1626343685381140481
# Reference: https://www.virustotal.com/gui/file/91c49812c498bb3f5491f0d7c4bfa42de0508a0eab4c19aacb9bb57e68300c37/detection

hosting.krungthai.net
/Claim/corporate/BSRRBT2X
/corporate/BSRRBT2X
/BSRRBT2X
/Run/com3/AW6992YJQ
/com3/AW6992YJQ
/AW6992YJQ
/Run/com3/AW6992YJQ?_DWFDMXUX=
/com3/AW6992YJQ?_DWFDMXUX=
/AW6992YJQ?_DWFDMXUX=

# Reference: https://twitter.com/drb_ra/status/1626920649712074752

1.13.82.101:23

# Reference: https://twitter.com/drb_ra/status/1626921172385366017

180.76.247.230:8082

# Reference: https://twitter.com/TrackerC2Bot/status/1619778742405980160

sofic-online.com
srcb-info.buzz

# Reference: https://twitter.com/TrackerC2Bot/status/1616866192840351744

123.56.74.39:443

# Reference: https://twitter.com/TrackerC2Bot/status/1615331236876107776

47.109.25.241:5656

# Reference: https://twitter.com/TrackerC2Bot/status/1615417502837645312

193.106.191.187:443

# Reference: https://twitter.com/drb_ra/status/1626953215337017346

1.13.23.88:8443

# Reference: https://twitter.com/TrackerC2Bot/status/1615778377503227910

47.92.126.214:8099

# Reference: https://twitter.com/TrackerC2Bot/status/1615959328971792384

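# Note: both addresses fall inside Cloudflare's published ranges (104.16.0.0/13, 172.64.0.0/13); they are shared reverse-proxy front ends, so matches may be unrelated tenants
104.21.89.53:8443
172.67.188.34:8443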

# Reference: https://twitter.com/TrackerC2Bot/status/1616234772887371778

http://192.99.250.7

# Reference: https://twitter.com/TrackerC2Bot/status/1619313852247674883

43.138.168.61:17002

# Reference: https://twitter.com/TrackerC2Bot/status/1620583626562846721

http://188.34.199.86

# Reference: https://twitter.com/TrackerC2Bot/status/1620670825006338049

63.250.42.171:443

# Reference: https://twitter.com/TrackerC2Bot/status/1620942445482545152

198.199.88.48:8088
windowsapp.shop

# Reference: https://twitter.com/TrackerC2Bot/status/1621576924349726727

http://81.69.4.32

# Reference: https://twitter.com/TrackerC2Bot/status/1622122980875591680

120.77.18.249:55555

# Reference: https://twitter.com/TrackerC2Bot/status/1623034254283182089

service-4xrjz1wg-1253795072.gz.apigw.tencentcs.com

# Reference: https://twitter.com/TrackerC2Bot/status/1623208072343592962

bustring.com
css.bustring.com
/safebrowsing/QVXHQf/QVXHQfXdpinARC06MctcJ4hprcWoBIZaDp2-M
/safebrowsing/QVXHQf/
/QVXHQf/QVXHQfXdpinARC06MctcJ4hprcWoBIZaDp2-M
/QVXHQfXdpinARC06MctcJ4hprcWoBIZaDp2-M

# Reference: https://twitter.com/TrackerC2Bot/status/1623570787805405184

107.173.80.40:81
47.92.115.123:4445

# Reference: https://twitter.com/TrackerC2Bot/status/1623666464321417219

139.224.194.115:443

# Reference: https://twitter.com/cobaltstrikebot/status/1627040423444369409

kadltt.top
micorsoft.shop

# Reference: https://twitter.com/drb_ra/status/1627078101632172033

39.96.116.31:8990

# Reference: https://twitter.com/drb_ra/status/1627082590795730950

http://1.15.42.6
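# Note: 172.67.129.237 falls inside Cloudflare's published range 172.64.0.0/13 (shared reverse-proxy front end); the domain in this group is the more specific indicator
http://172.67.129.237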
c3301.xyz

# Reference: https://twitter.com/drb_ra/status/1627306760099823619

103.131.189.120:443

# Reference: https://twitter.com/drb_ra/status/1627307264661983234

194.165.16.58:4444

# Reference: https://twitter.com/drb_ra/status/1627307560809250818

http://34.229.221.1

# Reference: https://twitter.com/drb_ra/status/1627307778510389249

154.38.114.212:4444

# Reference: https://twitter.com/drb_ra/status/1627308267545276420

8.210.196.209:8888

# Reference: https://twitter.com/drb_ra/status/1627308763735531520

104.168.68.35:9000

# Reference: https://twitter.com/drb_ra/status/1627308810707648512

http://103.145.23.17

# Reference: https://twitter.com/drb_ra/status/1627308984796344324

202.95.19.204:443

# Reference: https://twitter.com/drb_ra/status/1627309734687547393

windowspush.workers.dev
networkserverddde.windowspush.workers.dev

# Reference: https://twitter.com/drb_ra/status/1627309849632509953

http://154.92.19.225

# Reference: https://twitter.com/drb_ra/status/1627310096702222336

43.142.87.35:443

# Reference: https://twitter.com/drb_ra/status/1627311173061300225

microsofteth.workers.dev
runtime.microsofteth.workers.dev

# Reference: https://twitter.com/drb_ra/status/1627391247693357057

1.15.141.252:8080

# Reference: https://twitter.com/drb_ra/status/1627391363472928768

108.165.178.43:8080

# Reference: https://twitter.com/drb_ra/status/1627391613839220736

159.65.140.121:443

# Reference: https://twitter.com/drb_ra/status/1627391907834875906

http://103.145.23.14

# Reference: https://twitter.com/drb_ra/status/1627435492831625217

101.34.36.50:3333

# Reference: https://twitter.com/drb_ra/status/1627440742388969473

147.182.250.103:443
35.175.135.236:443

# Reference: https://twitter.com/drb_ra/status/1627440773619671041

43.143.195.119:2121

# Reference: https://twitter.com/drb_ra/status/1627443466715205632

43.139.241.58:443

# Reference: https://twitter.com/drb_ra/status/1627445640048287749

85.175.101.203:443

# Reference: https://twitter.com/drb_ra/status/1627567406355820544

http://79.137.204.118

# Reference: https://twitter.com/drb_ra/status/1627567548551032832

http://100.42.78.147

# Reference: https://twitter.com/drb_ra/status/1627855181177126919

1.15.106.81:20100

# Reference: https://twitter.com/drb_ra/status/1627855259333758977

193.149.185.196:82
45.80.128.21:82

# Reference: https://twitter.com/drb_ra/status/1627567591295254528

49.4.88.243:8089
8.210.196.209:8089

# Reference: https://twitter.com/drb_ra/status/1627567686304641026

104.168.68.35:8000

# Reference: https://twitter.com/drb_ra/status/1627644922265317377

http://1.13.192.171

# Reference: https://twitter.com/drb_ra/status/1627649046096539650

120.46.219.85:808

# Reference: https://twitter.com/drb_ra/status/1627655154425028608

107.148.149.213:8080

# Reference: https://twitter.com/drb_ra/status/1627673130498940928

35.89.195.215:443

# Reference: https://twitter.com/drb_ra/status/1627673287760220163

47.94.216.137:443

# Reference: https://twitter.com/drb_ra/status/1627673601922007042

http://45.88.170.91

# Reference: https://twitter.com/drb_ra/status/1627673756872081408

http://162.33.179.164

# Reference: https://twitter.com/drb_ra/status/1627673784785285121

45.88.170.91:82

# Reference: https://twitter.com/drb_ra/status/1627679303709208576

172.86.120.123:443
miyomejosa.com
/Demonstrate/v9.38/8Q90RCSRP3PK
/v9.38/8Q90RCSRP3PK
/8Q90RCSRP3PK

# Reference: https://twitter.com/drb_ra/status/1627754374993674240

devcloudpro.com

# Reference: https://twitter.com/drb_ra/status/1627754795674046467

http://47.92.76.4

# Reference: https://twitter.com/drb_ra/status/1627797780390445057

domainnet.ssl443.org

# Reference: https://twitter.com/drb_ra/status/1627797966663606274

23.106.223.214:443
paxajakibo.com
/Run/v5.69/5F2M08FS
/v5.69/5F2M08FS
/5F2M08FS

# Reference: https://twitter.com/drb_ra/status/1627804500185563136

223.84.144.240:12346

# Reference: https://twitter.com/drb_ra/status/1627854100871225346

realversedesign.com
/Calculate/v9.8/5EW2XGADD
/v9.8/5EW2XGADD
/5EW2XGADD

# Reference: https://twitter.com/drb_ra/status/1627854222921269248

91.223.236.214:8080

# Reference: https://twitter.com/drb_ra/status/1627854320208052224

193.149.185.196:82

# Reference: https://twitter.com/drb_ra/status/1627854349157167105

172.245.142.99:81

# Reference: https://twitter.com/drb_ra/status/1627854369721880576

http://121.196.222.60

# Reference: https://twitter.com/drb_ra/status/1627854400495534080

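# Note: the next two addresses fall inside Cloudflare's published ranges (104.16.0.0/13, 172.64.0.0/13); they are shared reverse-proxy front ends, so the domain in this group is the more specific indicator
http://104.21.56.57
http://172.67.178.195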
http://64.176.2.167
amazon-cdn.org

# Reference: https://twitter.com/drb_ra/status/1627854684722454529

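# Note: 172.19.16.3 is an RFC 1918 private address (172.16.0.0/12), not an internet-routable host; it can match unrelated internal traffic
http://172.19.16.3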
http://43.155.74.166

# Reference: https://twitter.com/drb_ra/status/1627854770689003521

98.142.138.66:8444
zenphp000.tk
baidu.com.zenphp000.tk

# Reference: https://twitter.com/drb_ra/status/1627854793745002498

103.146.179.83:8732

# Reference: https://twitter.com/drb_ra/status/1627854858765193216

69.49.235.167:8088

# Reference: https://twitter.com/drb_ra/status/1627854933860003841

http://45.80.128.21

# Reference: https://twitter.com/drb_ra/status/1627854982115471363

173.82.187.171:8443

# Reference: https://twitter.com/drb_ra/status/1627855012268322816

194.135.24.238:443

# Reference: https://twitter.com/drb_ra/status/1627855087782531072

144.34.163.168:4444

# Reference: https://twitter.com/drb_ra/status/1627855154035785729

http://45.227.255.185

# Reference: https://twitter.com/drb_ra/status/1627855154035785729

http://144.34.163.168

# Reference: https://twitter.com/drb_ra/status/1628010982407647232
# Reference: https://twitter.com/drb_ra/status/1628015208378642434

http://195.123.241.169
195.123.241.169:443
/multiply/v7.05/1M9DUKK9FA
/v7.05/1M9DUKK9FA
/1M9DUKK9FA

# Reference: https://twitter.com/drb_ra/status/1628013070361436161
# Reference: https://twitter.com/drb_ra/status/1628017589321342979

http://1.116.2.18
1.116.2.18:8090

# Reference: https://twitter.com/drb_ra/status/1628017654765088772

23.108.57.58:443
xudavano.com
/Compare/cs/1J11E82ZFH
/cs/1J11E82ZFH
/1J11E82ZFH

# Reference: https://twitter.com/drb_ra/status/1628039825029795841

172.245.142.98:81
172.245.142.99:81

# Reference: https://twitter.com/drb_ra/status/1628039997457661952

http://150.158.11.76

# Reference: https://twitter.com/drb_ra/status/1628040373690941440

http://194.135.24.238

# Reference: https://twitter.com/drb_ra/status/1628040954975223809

47.98.173.89:443

# Reference: https://twitter.com/drb_ra/status/1628041029629759488

172.245.142.99:81
192.3.113.194:81

# Reference: https://twitter.com/drb_ra/status/1628046733803487232

baveyek.com

# Reference: https://twitter.com/drb_ra/status/1628054277229797381

43.154.27.211:8088

# Reference: https://twitter.com/drb_ra/status/1628054464140570624

service-p8rvo1ba-1257582847.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1628065073955500034

45.89.199.128:8080

# Reference: https://twitter.com/drb_ra/status/1628065174165790721

38.60.39.41:888

# Reference: https://twitter.com/drb_ra/status/1628065228276604936

http://47.93.97.210

# Reference: https://twitter.com/drb_ra/status/1628065255141113859

193.149.185.196:83
45.80.128.21:83

# Reference: https://twitter.com/drb_ra/status/1628065286590005248

http://38.60.39.41

# Reference: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/hydrochasma-asia-medical-shipping-intelligence-gathering

http://106.14.184.148
http://180.119.234.147
http://39.101.194.61
http://47.92.138.241
47.92.138.241:8000
47.92.138.241:8080
47.92.138.241:8090
47.92.138.241:8899
alidocs.dingtalk.com.wswebpic.com
csc.zte.com.cn.wswebpic.com
taoche.cn.wswebpic.com

# Reference: https://twitter.com/drb_ra/status/1628165970807209990
# Reference: https://twitter.com/drb_ra/status/1628166587688660992
# Reference: https://twitter.com/drb_ra/status/1628171402762194945

http://139.9.131.222
139.9.131.222:443
139.9.131.222:8080

# Reference: https://twitter.com/drb_ra/status/1628166819184885763

150.158.11.76:8080

# Reference: https://twitter.com/drb_ra/status/1628171272461991936

179.43.156.134:443

# Reference: https://twitter.com/drb_ra/status/1628218029866725378
# Reference: https://twitter.com/drb_ra/status/1628459937465528321
# Reference: https://www.virustotal.com/gui/ip-address/85.239.54.254/relations

85.239.54.254:8080
85.239.54.254:8443
silversters.com
sso.silversters.com

# Reference: https://twitter.com/drb_ra/status/1628218182010822658
# Reference: https://twitter.com/drb_ra/status/1628218429000785921

107.148.149.213:2096
107.148.149.213:8443

# Reference: https://twitter.com/drb_ra/status/1628218622333136897

85.10.132.67:443

# Reference: https://twitter.com/drb_ra/status/1628218667665072128

107.174.66.104:8443

# Reference: https://twitter.com/drb_ra/status/1628218696186429443

http://103.234.72.195

# Reference: https://twitter.com/drb_ra/status/1628218819914104833

35.183.12.60:443

# Reference: https://twitter.com/drb_ra/status/1628218889539620864

service-7eaicd0p-1308943111.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1628221537848262657
# Reference: https://twitter.com/drb_ra/status/1628223049764859908

139.144.188.75:8082
139.144.188.75:8088

# Reference: https://twitter.com/drb_ra/status/1628370471606517762

107.174.66.104:443

# Reference: https://twitter.com/drb_ra/status/1628372262632972291

179.43.156.146:8081

# Reference: https://twitter.com/drb_ra/status/1628372639227027457

111.230.242.129:443

# Reference: https://twitter.com/drb_ra/status/1628374018087583744

139.144.188.75:48888

# Reference: https://twitter.com/drb_ra/status/1628377035654459392

108.62.118.131:8080

# Reference: https://twitter.com/drb_ra/status/1628378887062265857

85.117.234.90:8080

# Reference: https://twitter.com/drb_ra/status/1628379172375523328

47.99.58.62:8443

# Reference: https://twitter.com/drb_ra/status/1628379173134761986

82.157.75.169:443

# Reference: https://twitter.com/drb_ra/status/1628459662327554048

45.128.209.172:443

# Reference: https://twitter.com/drb_ra/status/1628459697991827457

45.8.146.95:5623

# Reference: https://twitter.com/drb_ra/status/1628460051173199875

38.242.139.163:443

# Reference: https://twitter.com/drb_ra/status/1628460086761848832

20.210.200.226:2087

# Reference: https://twitter.com/drb_ra/status/1628460150917935105

service-n4ufol3c-1252579309.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1628460216957140992

service-3c8oujtz-1252130768.bj.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1628460252424200192

13.228.190.254:5000

# Reference: https://twitter.com/drb_ra/status/1628460276797276164

54.152.152.67:443

# Reference: https://twitter.com/KorbenD_Intel/status/1628486053030989826

tencent0.tk

# Reference: https://www.virustotal.com/gui/file/6d5cdebbc1c994e7823023f16759bfaf2b2fd4311efb139a05b8da885f9674d0/detection

157.245.157.93:8080

# Reference: https://twitter.com/cobaltstrikebot/status/1628489593334157312

hao012.tk
baidu.hao012.tk

# Reference: https://twitter.com/drb_ra/status/1628522133977538563

43.136.176.207:8088

# Reference: https://twitter.com/drb_ra/status/1628524671371997191

http://81.161.229.168
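# Note: hostname under the legitimate cloudflare.com zone; presumably a spoofed Host header / fronting value seen with the address above rather than an attacker-registered domain - verify before alerting on it alone
nl01-cdn.cloudflare.com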

# Reference: https://twitter.com/drb_ra/status/1628527149048033280

pililor.com

# Reference: https://twitter.com/drb_ra/status/1628531532913684481
# Reference: https://www.virustotal.com/gui/file/047dc07c0669d0292763ba0bc0d851a316c176044ba75addb2e88d250c22f542/detection

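# Note: hostname under the legitimate bilibili.com zone; presumably a spoofed Host header value taken from the sample's configuration rather than attacker-controlled DNS - verify before alerting on it alone
testok.bilibili.com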

# Reference: https://twitter.com/drb_ra/status/1628532822335188992

1.117.169.18:443

# Reference: https://twitter.com/drb_ra/status/1628580179772571649

1.13.183.223:443

# Reference: https://twitter.com/drb_ra/status/1628580470022627329

49.0.250.177:4444

# Reference: https://twitter.com/drb_ra/status/1628580688520790017

146.185.22.138:443

# Reference: https://twitter.com/drb_ra/status/1628580691465191425

http://49.0.250.177

# Reference: https://twitter.com/drb_ra/status/1628580764454473728
# Reference: https://twitter.com/drb_ra/status/1628745037700792321

http://140.99.171.91
http://140.99.171.92

# Reference: https://twitter.com/drb_ra/status/1628581028678844417

192.119.87.215:8082

# Reference: https://twitter.com/drb_ra/status/1628581055966871553

161.97.96.177:2087
0day.monster
google.0day.monster

# Reference: https://twitter.com/drb_ra/status/1628582433409970177

zocujur.com

# Reference: https://twitter.com/drb_ra/status/1628732823988318209

service-9p7fpg6n-1257582847.bj.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1628734883639050240

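# Note: the next two addresses fall inside Cloudflare's published ranges (104.16.0.0/13, 172.64.0.0/13); they are shared reverse-proxy front ends, so the domains in this group are the more specific indicators
http://104.21.88.110
http://172.67.177.33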
http://54.237.85.77
geeksnail.ga
hiden.geeksnail.ga

# Reference: https://twitter.com/drb_ra/status/1628735026291523585

120.48.83.89:9443

# Reference: https://twitter.com/drb_ra/status/1628736435275587584

47.242.204.38:8990

# Reference: https://twitter.com/drb_ra/status/1628737201126141952

http://216.83.38.235

# Reference: https://twitter.com/drb_ra/status/1628737262258200579

d2keeghmxuwkh3.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1628738478782533633

http://121.41.77.84

# Reference: https://twitter.com/drb_ra/status/1628738515944062976

123.249.77.187:8080

# Reference: https://twitter.com/drb_ra/status/1628738630142291969

124.222.3.42:443

# Reference: https://twitter.com/drb_ra/status/1628738795834056706

108.62.118.124:443
doxuwojol.com
/Interpret/codepages/UIPBTD4S
/codepages/UIPBTD4S
/UIPBTD4S

# Reference: https://twitter.com/drb_ra/status/1628739824084549633

dogalebic.com

# Reference: https://twitter.com/drb_ra/status/1628740085897207808

121.41.77.84:443

# Reference: https://twitter.com/drb_ra/status/1628741425092231168

161.97.96.177:2053
office365.lol
outlook.office365.lol

# Reference: https://twitter.com/drb_ra/status/1628741791699664896

101.43.188.175:8443
chidao.icu

# Reference: https://twitter.com/drb_ra/status/1628742990356221954

vmware.rest

# Reference: https://twitter.com/drb_ra/status/1628743642604089344

negopisetu.com

# Reference: https://twitter.com/drb_ra/status/1628744040324780035

108.165.178.42:9091
108.165.178.43:9091

# Reference: https://twitter.com/drb_ra/status/1628744765016604673

http://107.148.149.21

# Reference: https://twitter.com/drb_ra/status/1628744978565324803

http://121.4.60.187

# Reference: https://twitter.com/drb_ra/status/1628745297764425728

liuzhanxian.shop

# Reference: https://twitter.com/drb_ra/status/1628745513766977537

167.179.114.189:443

# Reference: https://twitter.com/drb_ra/status/1628783841706926081

114.132.150.96:6666

# Reference: https://twitter.com/drb_ra/status/1628783982211899393

http://154.211.12.40

# Reference: https://twitter.com/drb_ra/status/1628784222293966849

47.115.211.116:443

# Reference: https://twitter.com/drb_ra/status/1628784534685683712

14.29.17.171:999

# Reference: https://twitter.com/drb_ra/status/1628786676678918144

service-hsqfpd4w-1301841391.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1628786976215257089

139.224.189.177:8443

# Reference: https://twitter.com/drb_ra/status/1628800427725561861

23.225.191.10:7890

# Reference: https://twitter.com/drb_ra/status/1628800512823894017

ajax-microsoft.com
msdn.ajax-microsoft.com
/link/v3.22/4EN738VY
/v3.22/4EN738VY
/4EN738VY

# Reference: https://twitter.com/drb_ra/status/1628800552732598272

d2cek19ei8u7c4.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1628800591689396224

54.152.152.67:8022

# Reference: https://twitter.com/drb_ra/status/1628800722199363584

43.156.59.131:81

# Reference: https://twitter.com/drb_ra/status/1628802923005083650

http://121.4.255.153

# Reference: https://twitter.com/drb_ra/status/1628891491371298817

106.13.20.56:8090

# Reference: https://twitter.com/drb_ra/status/1628940891996946433

1.13.82.101:8041

# Reference: https://twitter.com/drb_ra/status/1628941371359854594

mgt.microsoft-cdn.org

# Reference: https://twitter.com/drb_ra/status/1628941530869248002

193.134.209.59:8062

# Reference: https://twitter.com/drb_ra/status/1628941626851688448

192.3.127.22:1234

# Reference: https://twitter.com/drb_ra/status/1628942370891767808

202.95.19.204:4430

# Reference: https://twitter.com/drb_ra/status/1628942655269765125

185.158.250.194:443

# Reference: https://twitter.com/drb_ra/status/1628945528636559360

devsecurityservices.com

# Reference: https://twitter.com/drb_ra/status/1629081456260665346

/zjservicezj/front/index/page.do

# Reference: https://twitter.com/drb_ra/status/1629090335342182401

81.68.249.97:9001

# Reference: https://twitter.com/drb_ra/status/1629111230647369729

http://13.230.229.15

# Reference: https://twitter.com/drb_ra/status/1629111261685329921

173.82.195.131:18992

# Reference: https://twitter.com/drb_ra/status/1629111293566148611

http://43.143.134.147

# Reference: https://twitter.com/drb_ra/status/1629111408997572610

185.132.43.99:8443

# Reference: https://twitter.com/drb_ra/status/1629111517554610177

185.11.61.199:8080

# Reference: https://twitter.com/drb_ra/status/1629111619476127745

158.101.89.127:8081

# Reference: https://twitter.com/drb_ra/status/1629111652225351680

154.38.108.253:8089

# Reference: https://twitter.com/drb_ra/status/1629111688686456832

winservers-network.in
cdn.winservers-network.in

# Reference: https://twitter.com/drb_ra/status/1629111780604510214

185.174.101.68:443

# Reference: https://twitter.com/drb_ra/status/1629111960900870144

101.99.90.157:8443
app.sncyhkttp.nl

# Reference: https://twitter.com/drb_ra/status/1629111991506808837

144.202.22.121:2096

# Reference: https://twitter.com/drb_ra/status/1629112226442362885

cs.capetradefinance.co.za

# Reference: https://twitter.com/drb_ra/status/1629112306104733697
# Reference: https://twitter.com/drb_ra/status/1629112311133749249
# Reference: https://twitter.com/drb_ra/status/1629112314057162754
# Reference: https://twitter.com/drb_ra/status/1629112320411549696
# Reference: https://twitter.com/drb_ra/status/1629112326619123713
# Reference: https://twitter.com/drb_ra/status/1629112333757718530

vip2-nice.com
analytics.vip2-nice.com
name.vip2-nice.com
network.vip2-nice.com
security.vip2-nice.com
traffic.vip2-nice.com
upgrade.vip2-nice.com

# Reference: https://twitter.com/drb_ra/status/1629112465047912451

kbangbi.net

# Reference: https://twitter.com/drb_ra/status/1629201633044271105

101.206.219.90:4444
2.58.64.41:4444

# Reference: https://twitter.com/drb_ra/status/1629201812141006849

8.134.212.47:443

# Reference: https://twitter.com/drb_ra/status/1629201890968760320

45.76.196.195:8888

# Reference: https://twitter.com/drb_ra/status/1629236411827118082

121.5.102.200:8081

# Reference: https://twitter.com/drb_ra/status/1629243065373171712

http://121.5.102.200

# Reference: https://twitter.com/drb_ra/status/1629256173139513345

vnssinc.com

# Reference: https://twitter.com/drb_ra/status/1629305346413019137

87.251.67.43:444

# Reference: https://twitter.com/drb_ra/status/1629305471373803520

103.135.101.185:88

# Reference: https://twitter.com/drb_ra/status/1629305588382351361

103.135.101.182:88

# Reference: https://twitter.com/drb_ra/status/1629310357280882688

http://116.204.211.163

# Reference: https://twitter.com/drb_ra/status/1629458685427589120

37.220.87.75:443

# Reference: https://twitter.com/drb_ra/status/1629459399256289281

http://123.60.178.169

# Reference: https://twitter.com/drb_ra/status/1629460493822836739

http://47.92.114.227

# Reference: https://twitter.com/drb_ra/status/1629461359275520001

91.238.203.2:443

# Reference: https://twitter.com/drb_ra/status/1629461650527997954

119.167.147.250:443
119.3.29.22:443
183.246.191.193:443

# Reference: https://twitter.com/drb_ra/status/1629463138062966786

47.94.3.175:55443

# Reference: https://twitter.com/drb_ra/status/1629467581479284738

http://82.157.167.219

# Reference: https://twitter.com/drb_ra/status/1629468614691528707

http://45.76.79.8

# Reference: https://twitter.com/drb_ra/status/1629469657739452419

http://54.236.49.195

# Reference: https://twitter.com/drb_ra/status/1629469825897512963

http://37.220.87.75

# Reference: https://twitter.com/drb_ra/status/1629470024363589634

e-servicesolutions.com

# Reference: https://twitter.com/drb_ra/status/1629472171306131457

39.98.78.9:443

# Reference: https://twitter.com/drb_ra/status/1629486037020954624

154.38.108.253:8001

# Reference: https://twitter.com/drb_ra/status/1629486061758840832

159.223.190.172:3333

# Reference: https://twitter.com/drb_ra/status/1629486202888781826

104.168.9.28:9998

# Reference: https://twitter.com/drb_ra/status/1629486384426758149

http://165.22.241.234

# Reference: https://twitter.com/drb_ra/status/1629486437174321152

service-kmsksppr-1309016787.bj.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1629486566799204353

101.99.90.157:2096

# Reference: https://twitter.com/drb_ra/status/1629486729097773056

43.159.36.126:44344

# Reference: https://twitter.com/drb_ra/status/1629486898149306368

194.87.191.90:443

# Reference: https://twitter.com/drb_ra/status/1629487093159276546

43.138.121.2:443

# Reference: https://twitter.com/drb_ra/status/1629487304980013057

wns-cbdne2bnfzb3d8dz.z01.azurefd.net
/safebrowsing/zzykp/8cTlhG-6IN4zbIc4gdNpr1G2w2DWQDSka
/zzykp/8cTlhG-6IN4zbIc4gdNpr1G2w2DWQDSka
/8cTlhG-6IN4zbIc4gdNpr1G2w2DWQDSka

# Reference: https://twitter.com/drb_ra/status/1629487425385906177

http://103.20.221.8

# Reference: https://twitter.com/drb_ra/status/1629487573834891266

198.211.9.165:81
fityourself.tk

# Reference: https://twitter.com/drb_ra/status/1629567223634247682

http://45.76.52.179

# Reference: https://twitter.com/drb_ra/status/1629567355385790464

18.162.188.12:443

# Reference: https://twitter.com/drb_ra/status/1629567654406045698

43.249.9.32:12345

# Reference: https://twitter.com/drb_ra/status/1629567699268378626

149.28.158.176:8081

# Reference: https://twitter.com/drb_ra/status/1629567865006313476

150.158.54.124:9999

# Reference: https://twitter.com/drb_ra/status/1629567975278665729

http://43.156.97.102

# Reference: https://twitter.com/drb_ra/status/1629568126424698880

150.158.100.162:8445

# Reference: https://twitter.com/drb_ra/status/1629568385905205248

http://43.139.69.115

# Reference: https://twitter.com/drb_ra/status/1629568692349435904

182.61.147.36:8000

# Reference: https://twitter.com/drb_ra/status/1629568992217030661

111.230.242.129:2095
fulim.top
da.fulim.top

# Reference: https://twitter.com/drb_ra/status/1629569265941487617

150.158.54.124:8503

# Reference: https://twitter.com/drb_ra/status/1629570502208413699

139.9.185.168:9558

# Reference: https://twitter.com/drb_ra/status/1629666648360615939

http://142.11.205.63

# Reference: https://twitter.com/drb_ra/status/1629791379747471360

190.123.44.137:4433
212.118.54.138:4433

# Reference: https://twitter.com/drb_ra/status/1629791442175401985

jquerysslx.com

# Reference: https://twitter.com/drb_ra/status/1629792033169719297

kbnexc.com
as.kbnexc.com
qw.kbnexc.com
zx.kbnexc.com

# Reference: https://twitter.com/drb_ra/status/1629792529905221633

http://47.122.22.26

# Reference: https://twitter.com/drb_ra/status/1629821180793221121

101.37.33.153:87

# Reference: https://twitter.com/drb_ra/status/1629821583823872001

49.0.250.177:6789

# Reference: https://twitter.com/drb_ra/status/1629823053487112192

124.221.144.169:443

# Reference: https://twitter.com/drb_ra/status/1629823857602228224

108.62.118.180:443
lugociyah.com
/Inform/servlets/XOMB26P0RJ
/servlets/XOMB26P0RJ
/XOMB26P0RJ

# Reference: https://twitter.com/drb_ra/status/1629823995498442758

8.142.124.166:8090

# Reference: https://twitter.com/drb_ra/status/1629925158986166274

http://94.131.8.103

# Reference: https://twitter.com/drb_ra/status/1629925327433613320

service-nwe3sk3y-1303130145.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1629925368193855491

45.140.88.85:8088

# Reference: https://twitter.com/drb_ra/status/1629925431469039616

103.67.191.89:8443

# Reference: https://twitter.com/drb_ra/status/1629925628186066946

179.43.156.134:8081

# Reference: https://twitter.com/drb_ra/status/1629925654601822209

107.173.251.222:58443

# Reference: https://twitter.com/drb_ra/status/1629925688210751492

154.64.224.130:8088

# Reference: https://twitter.com/drb_ra/status/1629925966427348993

20.89.23.164:443

# Reference: https://twitter.com/drb_ra/status/1629925998610333705

98.142.143.85:443

# Reference: https://twitter.com/drb_ra/status/1629926055602429955

http://44.198.164.69

# Reference: https://twitter.com/drb_ra/status/1630028791698407424

179.43.156.148:9090

# Reference: https://twitter.com/drb_ra/status/1630029489211154432

179.43.156.134:9090

# Reference: https://twitter.com/drb_ra/status/1630029080891383809

103.66.57.92:82

# Reference: https://twitter.com/drb_ra/status/1630029581058031618

8.130.24.199:443

# Reference: https://twitter.com/drb_ra/status/1630165327291006977

49.233.56.4:8099

# Reference: https://twitter.com/drb_ra/status/1630166094232055808

service-2knpsjoi-1308395236.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1630166470066941953

service-2nbv117r-1252578242.bj.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1630179426162884608

85.206.172.155:443

# Reference: https://twitter.com/drb_ra/status/1630182713733914627

http://106.15.78.80
luo.dchu2u.com

# Reference: https://twitter.com/drb_ra/status/1630183720039731201

124.222.30.121:5000

# Reference: https://twitter.com/drb_ra/status/1630184049145675776

43.143.159.72:8086

# Reference: https://twitter.com/drb_ra/status/1630185941703720962

ccb.com.w.kunluncan.com

# Reference: https://twitter.com/drb_ra/status/1630188534752526336

139.9.190.31:9988

# Reference: https://twitter.com/drb_ra/status/1630190501059018752

8.134.212.47:6666

# Reference: https://twitter.com/drb_ra/status/1630191946705653760

43.139.86.176:4646

# Reference: https://twitter.com/drb_ra/status/1630192536995127296

81.69.221.247:8443

# Reference: https://twitter.com/drb_ra/status/1630205202878853120

http://1.13.187.159

# Reference: https://twitter.com/drb_ra/status/1630205355551608837

139.84.169.12:8081

# Reference: https://twitter.com/drb_ra/status/1630205384899145728

185.194.148.106:50001

# Reference: https://twitter.com/drb_ra/status/1630205519561408513

183.90.187.51:800

# Reference: https://twitter.com/drb_ra/status/1630205641619906561

http://1.13.168.66

# Reference: https://twitter.com/drb_ra/status/1630205679301533696

real-stories-microsoft.com

# Reference: https://twitter.com/drb_ra/status/1630205903730364418

185.194.148.106:19013

# Reference: https://twitter.com/drb_ra/status/1630206241376026633

194.36.190.118:8081

# Reference: https://twitter.com/drb_ra/status/1630206293427331076

service-cq6c7204-1308476627.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1630243142766153728

service-mtrar14d-1316554402.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1630289362842779648

http://77.91.124.187

# Reference: https://twitter.com/drb_ra/status/1630289692963815424

8.213.134.213:8080

# Reference: https://twitter.com/drb_ra/status/1630289789718089732

service-ltxn64q7-1259697681.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1630289819833098243

http://144.34.171.158

# Reference: https://twitter.com/drb_ra/status/1630289971721412610

20.239.71.66:8441

# Reference: https://twitter.com/drb_ra/status/1630289995524194306

77.91.124.187:443

# Reference: https://twitter.com/drb_ra/status/1630290036317990918

45.76.79.8:8043

# Reference: https://twitter.com/KorbenD_Intel/status/1630301242831392768

yuexiu.life
admin.yuexiu.life

# Reference: https://twitter.com/drb_ra/status/1630335073923809286

ressage.ca

# Reference: https://twitter.com/drb_ra/status/1630335169075769351

42.192.222.92:4433

# Reference: https://twitter.com/drb_ra/status/1630335685109350400

utv.mindray.com

# Reference: https://twitter.com/drb_ra/status/1630384113835208704

47.92.85.169:443

# Reference: https://twitter.com/drb_ra/status/1630394015832047618

139.59.203.159:443
46.101.92.94:443
/Setup/v3.23/Z251N18HL2SF
/v3.23/Z251N18HL2SF
/Z251N18HL2SF

# Reference: https://twitter.com/drb_ra/status/1630394496054702080

http://47.103.15.237

# Reference: https://twitter.com/drb_ra/status/1630498269779439617

124.221.66.75:60001

# Reference: https://twitter.com/drb_ra/status/1630529295301898240

180.76.166.65:8086

# Reference: https://twitter.com/drb_ra/status/1630530507107717121

108.62.118.181:443
fowejeno.com
/Restrict/names/P8OK44B689R6
/names/P8OK44B689R6
/P8OK44B689R6

# Reference: https://twitter.com/drb_ra/status/1630544389914214402

43.136.218.157:443

# Reference: https://twitter.com/drb_ra/status/1630604459314216961

wgp-y6phfwkylyu.n.bdcloudapi.com

# Reference: https://twitter.com/drb_ra/status/1630604903549747204

173.82.90.51:8443

# Reference: https://twitter.com/drb_ra/status/1630605011192279045

1.13.254.87:443

# Reference: https://twitter.com/drb_ra/status/1630605322216767488

43.137.5.149:6443

# Reference: https://twitter.com/drb_ra/status/1630605570548940803

120.78.64.199:443

# Reference: https://twitter.com/drb_ra/status/1630609037380272135

service-cekfycnf-1257582847.bj.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1630609282675752978

23.106.215.231:443
vibotuco.com
/detect/BackOffice/GPS30WXFG
/BackOffice/GPS30WXFG
/GPS30WXFG

# Reference: https://twitter.com/drb_ra/status/1630651896259026961

185.74.222.77:443
45.76.96.64:443

# Reference: https://twitter.com/drb_ra/status/1630652008817369103

172.247.38.157:4430
ternocorg.cf

# Reference: https://twitter.com/drb_ra/status/1630652108054691840

137.220.194.64:88

# Reference: https://twitter.com/drb_ra/status/1630652150349963268

89.117.113.193:8765

# Reference: https://twitter.com/drb_ra/status/1630652203110113285

http://109.206.240.91

# Reference: https://twitter.com/drb_ra/status/1630652259473162241

45.88.170.91:444

# Reference: https://twitter.com/drb_ra/status/1630652281329790978

http://54.250.65.5

# Reference: https://twitter.com/drb_ra/status/1630652314057842701

console.samsungue.com

# Reference: https://twitter.com/drb_ra/status/1630652357439528961

43.154.18.45:443

# Reference: https://twitter.com/drb_ra/status/1630652390268444676

topformorelive.com

# Reference: https://twitter.com/drb_ra/status/1630652458300059654

149.129.72.37:12580

# Reference: https://twitter.com/drb_ra/status/1630652676798070785

8.213.134.213:8443

# Reference: https://twitter.com/drb_ra/status/1630652791730348034

104.168.57.106:17001

# Reference: https://twitter.com/drb_ra/status/1630652826140459009

107.182.18.105:443

# Reference: https://twitter.com/drb_ra/status/1630652999356784649

http://43.154.18.45

# Reference: https://twitter.com/drb_ra/status/1630653199450341376

103.234.72.215:9001
