# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Note: Continuation of /maltrail/trails/static/malware/cobaltstrike.txt
# Note: Continuation of /maltrail/trails/static/malware/cobaltstrike-1.txt

# Reference: https://twitter.com/drb_ra/status/1599153233766645761

47.106.91.17:9999

# Reference: https://twitter.com/drb_ra/status/1599153269007388672

139.224.56.137:443

# Reference: https://twitter.com/drb_ra/status/1599154335899951104

101.34.36.50:1111

# Reference: https://twitter.com/drb_ra/status/1599154659259826177

service-ltxn64q7-1259697681.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599154785822953475

redirector.drwatson.workers.dev

# Reference: https://twitter.com/drb_ra/status/1599155689317769216

1.12.48.210:50000

# Reference: https://twitter.com/drb_ra/status/1599159295710568448

45.124.112.142:86
zsqiji.com
jh.zsqiji.com

# Reference: https://twitter.com/drb_ra/status/1599159873513701376

prodevline.com

# Reference: https://twitter.com/drb_ra/status/1599160112802832386

5.199.168.212:8080
bradleysair.com
sso.bradleysair.com

# Reference: https://twitter.com/drb_ra/status/1599160176703053824

http://103.100.210.43

# Reference: https://twitter.com/drb_ra/status/1599243501413302273

13.39.17.109:443

# Reference: https://twitter.com/drb_ra/status/1599243549622550529

5.199.168.212:8443

# Reference: https://twitter.com/drb_ra/status/1599243685002199040

47.242.204.243:4444

# Reference: https://twitter.com/drb_ra/status/1599243728106971137

service-i0k34aj0-1306743016.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599243774001127426

23.224.70.156:443

# Reference: https://twitter.com/drb_ra/status/1599243829458403329

40.77.54.32:443

# Reference: https://twitter.com/drb_ra/status/1599244178621349890

http://23.224.42.37
/acquire/premiere/SPFYYI1KSXE
/premiere/SPFYYI1KSXE
/SPFYYI1KSXE

# Reference: https://twitter.com/drb_ra/status/1599244288054935553

114.116.101.84:89

# Reference: https://twitter.com/drb_ra/status/1599244491503828992
# Reference: https://twitter.com/drb_ra/status/1599244933600272384
# Reference: https://twitter.com/drb_ra/status/1599245267601072129

23.224.70.154:443
23.224.70.155:443
23.224.70.157:443
23.224.70.158:443

# Reference: https://twitter.com/drb_ra/status/1599244544008142850

45.136.14.80:17001

# Reference: https://twitter.com/drb_ra/status/1599244728041611265

http://45.63.127.253

# Reference: https://twitter.com/drb_ra/status/1599245339290214400

18.133.158.108:443

# Reference: https://www.virustotal.com/gui/file/ec64a8f8d13824ffea88c857f4fb394d571364504a754b175040821ef3e0e752/detection

virtualpoolnet.com
mega.virtualpoolnet.com

# Reference: https://twitter.com/drb_ra/status/1599402130212851715

45.154.12.201:8443

# Reference: https://twitter.com/drb_ra/status/1599402207845273601

23.160.193.126:8000

# Reference: https://github.com/conexioninversa/MalwareIntel/blob/main/C2_All.txt

http://106.13.54.144
http://124.222.77.10
http://143.198.173.163
http://152.136.12.64
http://182.61.139.132
http://193.149.185.214
http://194.135.24.242
http://194.135.24.250
http://20.204.47.86
http://205.185.114.97
http://38.6.155.73
http://49.232.34.39
http://49.234.137.223
http://77.73.131.173
http://77.73.131.6
http://77.73.133.116
http://77.73.134.23
http://82.157.110.128
1.14.107.106:4433
101.35.198.64:443
101.43.240.159:801
103.149.200.79:9530
103.43.12.106:443
103.71.153.157:8443
104.168.11.90:8443
107.148.53.252:801
107.189.1.15:443
107.189.7.248:443
120.25.178.170:443
121.199.166.58:8888
121.40.127.134:443
121.41.108.155:800
121.41.96.3:443
124.221.89.144:443
124.222.125.194:4433
125.124.127.206:8001
138.197.0.238:443
138.68.129.139:443
139.59.181.36:443
139.59.9.6:443
143.198.173.163:443
154.209.82.138:443
159.89.113.109:443
162.14.68.74:443
175.178.243.43:2087
176.113.115.101:443
176.113.115.103:443
18.177.125.154:443
18.181.9.176:443
185.130.45.243:443
188.166.16.172:443
192.3.251.157:443
194.135.24.250:443
194.165.16.83:443
195.133.53.186:8080
198.98.55.58:443
20.90.90.172:443
205.185.119.170:443
205.185.121.78:443
209.141.47.99:443
216.240.130.72:443
3.65.42.215:443
3.70.34.175:443
34.28.222.48:443
39.98.50.48:8099
42.193.139.221:10001
43.139.156.186:443
43.142.176.16:443
45.227.252.253:443
45.61.185.16:443
47.243.200.118:443
47.96.156.250:4445
49.232.191.102:443
5.188.86.196:443
54.87.226.90:443
54.92.103.160:443
58.64.193.172:4443
68.233.238.123:443
69.12.89.251:8443
77.73.131.173:443
77.73.131.193:443
77.73.134.23:8443
8.222.133.128:443
81.71.8.186:6666
84.32.128.237:443
84.32.188.156:443
84.32.190.139:443
85.209.135.73:443
86.106.87.152:443
91.245.254.116:443

# Reference: https://twitter.com/drb_ra/status/1599493719702573056

154.7.64.12:8043

# Reference: https://twitter.com/drb_ra/status/1599494034095046665

185.180.223.126:8084

# Reference: https://twitter.com/drb_ra/status/1599494492159107073

194.165.16.53:4444

# Reference: https://twitter.com/drb_ra/status/1599495516001386497

finance.rapidfinact.com

# Reference: https://twitter.com/drb_ra/status/1599495644326010883

http://195.189.96.218

# Reference: https://twitter.com/drb_ra/status/1599495973138567168

139.196.47.225:809

# Reference: https://twitter.com/drb_ra/status/1599497569901608963

107.173.122.167:443

# Reference: https://twitter.com/drb_ra/status/1599498367725436928

esoftwareupdates.com

# Reference: https://twitter.com/drb_ra/status/1599498703634571265

service-fmbftrxi-1314507962.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599498795603173376

163.197.43.157:5678

# Reference: https://twitter.com/James_inthe_box/status/1599787857467834368
# Reference: https://app.any.run/tasks/1c4af7b8-813b-4fda-9d66-a105288a37de/

http://165.22.48.183

# Reference: https://twitter.com/drb_ra/status/1599586273370558464

45.32.233.211:8080

# Reference: https://twitter.com/drb_ra/status/1599586360662396930

47.99.110.68:81

# Reference: https://twitter.com/drb_ra/status/1599587043667058688
# Reference: https://www.virustotal.com/gui/file/ef2636f88cde3f0362cebd168c9793735c7df4d22f34652f0e6ce8e87e881c79/detection

arrenal.com
team.arrenal.com

# Reference: https://twitter.com/drb_ra/status/1599587406872805376

35.90.121.211:30002

# Reference: https://twitter.com/drb_ra/status/1599587431682113537

179.60.150.99:443

# Reference: https://twitter.com/drb_ra/status/1599587487881592833

120.78.216.232:443

# Reference: https://twitter.com/drb_ra/status/1599587554168377345

http://124.71.143.78

# Reference: https://twitter.com/drb_ra/status/1599587589765435392

http://45.76.37.42

# Reference: https://twitter.com/drb_ra/status/1599587737887281153

d232xh9rapx5ux.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1599587824692494337

45.94.40.7:8045

# Reference: https://twitter.com/drb_ra/status/1599729174167576576

service-kuy5z66l-1308290351.bj.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599730169400410112

http://179.43.142.47

# Reference: https://twitter.com/drb_ra/status/1599731054000148483

service-fa7um5z4-1314640586.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599731391712960513

http://81.68.175.191

# Reference: https://twitter.com/drb_ra/status/1599731754755100672

teamelite-ck.info

# Reference: https://twitter.com/drb_ra/status/1599731813425061893

173.82.159.59:8443
cloudf1are.tk

# Reference: https://twitter.com/drb_ra/status/1599732463315607552

http://45.32.233.211
http://45.76.37.42

# Reference: https://twitter.com/drb_ra/status/1599732776374341632

20.26.247.136:443

# Reference: https://twitter.com/drb_ra/status/1599733050572787713

104.238.220.108:443
23.108.57.77:443

# Reference: https://twitter.com/drb_ra/status/1599733100321599488

120.26.240.21:4433

# Reference: https://twitter.com/drb_ra/status/1599733234744664064

http://93.115.27.11

# Reference: https://twitter.com/drb_ra/status/1599733368199020550

47.103.42.161:8087

# Reference: https://twitter.com/drb_ra/status/1599737065054392321

144.48.240.104:8081

# Reference: https://twitter.com/drb_ra/status/1599737232629301248

8.131.94.164:4443

# Reference: https://twitter.com/drb_ra/status/1599746840538251265

49.232.34.39:8080

# Reference: https://twitter.com/drb_ra/status/1599746895097782272
# Reference: https://twitter.com/drb_ra/status/1599749208139075587

43.139.69.104:8443
43.139.69.104:8880
360se.publicvm.com
service-7tllas30-1313419091.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599748251619672064

170.64.148.19:443

# Reference: https://twitter.com/drb_ra/status/1599847319033315329

51.210.243.38:8087

# Reference: https://twitter.com/drb_ra/status/1599847445650964480

wa1.ink

# Reference: https://twitter.com/drb_ra/status/1599847478949470208

49.0.192.16:8080

# Reference: https://twitter.com/drb_ra/status/1599847586713767953

http://175.178.191.210

# Reference: https://twitter.com/drb_ra/status/1599847784332550144

http://47.108.180.121

# Reference: https://twitter.com/drb_ra/status/1599847950812864512

test.227api.com

# Reference: https://twitter.com/drb_ra/status/1599848319022518274

service-bny5eh7w-1309094654.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1599848462505414666

107.148.201.50:40001

# Reference: https://twitter.com/drb_ra/status/1599848596265963538

114.115.160.181:8848

# Reference: https://twitter.com/cobaltstrikebot/status/1599505502110908418
# Reference: https://twitter.com/drb_ra/status/1600302023123107843

43.139.129.211:4433
sf-express.store

# Reference: https://www.virustotal.com/gui/file/02eca3440338a1bc8f2396959550b11c3ae000571a43efd0a2ad2db29b57196b/detection

http://43.139.215.184

# Reference: https://twitter.com/drb_ra/status/1599883742046216202

82.157.171.28:443

# Reference: https://twitter.com/drb_ra/status/1599889460681908229

43.156.25.232:6666

# Reference: https://twitter.com/drb_ra/status/1599890065001422852

http://103.146.158.251
dchu2u.com

# Reference: https://twitter.com/drb_ra/status/1599965990850371586

38.60.8.235:8080

# Reference: https://twitter.com/drb_ra/status/1599966255741636610

38.6.231.116:4444

# Reference: https://twitter.com/drb_ra/status/1599966528761479168

23.94.40.43:7777

# Reference: https://twitter.com/drb_ra/status/1599966946992209920

43.143.237.87:443

# Reference: https://twitter.com/drb_ra/status/1599967055557574657

198.244.224.68:9043

# Reference: https://twitter.com/drb_ra/status/1599967483838009344

googlecontentuser.com

# Reference: https://twitter.com/drb_ra/status/1599967616885555206

34.124.155.137:8088

# Reference: https://twitter.com/drb_ra/status/1600088195714240512

service-0sj91cuc-1257589019.hk.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1600505133166632964

20.106.98.142:2096
googleupdatetk.com

# Reference: https://twitter.com/drb_ra/status/1600088710040674306

47.103.42.161:8088

# Reference: https://twitter.com/drb_ra/status/1600089207917187074

170.178.211.194:2053
bandu-img.tk
img.bandu-img.tk

# Reference: https://twitter.com/drb_ra/status/1600089245720481794

124.222.54.25:443

# Reference: https://twitter.com/drb_ra/status/1600092498793316352

754xneyq.slt.sched.intlsdcn.com
bc46l49k.slt.sched.intlscdn.com

# Reference: https://twitter.com/drb_ra/status/1600110774667677698

36.26.80.93:8888

# Reference: https://twitter.com/drb_ra/status/1600134779478966273

360se.line.pm

# Reference: https://twitter.com/drb_ra/status/1600134848559079424

39.104.165.139:81

# Reference: https://twitter.com/drb_ra/status/1600135475309715459

http://18.192.11.175

# Reference: https://twitter.com/drb_ra/status/1600136962769358851

charismaticilok.com

# Reference: https://twitter.com/drb_ra/status/1600243700440915989

101.43.139.124:2580

# Reference: https://twitter.com/drb_ra/status/1600330978995699715

texasflooddesign.com
/test/v4.2/O7J94ZCC
/v4.2/O7J94ZCC
/O7J94ZCC

# Reference: https://twitter.com/drb_ra/status/1600331208377995264

51.210.243.38:6969

# Reference: https://twitter.com/drb_ra/status/1600331240707596288

ramdd.com

# Reference: https://twitter.com/drb_ra/status/1600331324140802049

172.96.188.33:443

# Reference: https://twitter.com/drb_ra/status/1600331473525022720

tobinwimkin.host

# Reference: https://twitter.com/drb_ra/status/1600331599324893186

47.243.31.34:2086
baidus.top
pay.baidus.top

# Reference: https://twitter.com/drb_ra/status/1600331695344984067

credit-assist.azurewebsites.net

# Reference: https://twitter.com/drb_ra/status/1600332145364443141
# Reference: https://www.virustotal.com/gui/file/fff56f2a40dd133d90e0b402f1044115aa13ec099f56ce1eb32a7928903d708b/detection
# Reference: https://www.virustotal.com/gui/file/7191a5356ea8c6e9c6ce7c32efb5207af4960fd1cce3e107b169e39523de51ac/detection
# Reference: https://www.virustotal.com/gui/file/337e69e9acf5be05149326526f8b4d9e1feab0f0143013afc8bd6332e9414fec/detection
# Reference: https://www.virustotal.com/gui/file/21ee6140947a10454bf6d1ef8e3b2aa2cd2a1aadbfa07d451439f7d262413166/detection

103.131.189.20:8443
edgeupdatem.services
edgexml.edgeupdatem.services
update.edgeupdatem.services

# Reference: https://twitter.com/drb_ra/status/1600332186506465283

124.156.11.146:9999

# Reference: https://twitter.com/drb_ra/status/1600332269121593345

34.96.195.216:8033

# Reference: https://twitter.com/drb_ra/status/1600332317381230592

179.43.142.90:8081

# Reference: https://twitter.com/drb_ra/status/1600332537271828480

35.92.32.1:8086

# Reference: https://twitter.com/drb_ra/status/1600332964985970689

13.41.229.142:443

# Reference: https://twitter.com/drb_ra/status/1600333007382085634

152.89.196.33:445

# Reference: https://twitter.com/drb_ra/status/1600473928237027328

120.48.31.168:443

# Reference: https://twitter.com/drb_ra/status/1600504416788004865

106.12.148.10:8883

# Reference: https://twitter.com/drb_ra/status/1600504879881113600

101.33.232.139:2222

# Reference: https://twitter.com/drb_ra/status/1600505821892415490

/retrieve/analyse/QJQQ4QZ76WZ
/analyse/QJQQ4QZ76WZ
/QJQQ4QZ76WZ

# Reference: https://twitter.com/drb_ra/status/1600506931734626308

173.82.212.78:443

# Reference: https://twitter.com/drb_ra/status/1600507128376168454

http://120.48.31.168

# Reference: https://twitter.com/drb_ra/status/1600507307510611971

43.143.19.165:8080

# Reference: https://twitter.com/drb_ra/status/1600507506324905991

8.142.171.59:25565

# Reference: https://twitter.com/drb_ra/status/1600508517911257091

8.134.90.91:6666

# Reference: https://twitter.com/drb_ra/status/1600509003683053574

124.222.203.214:8080

# Reference: https://twitter.com/drb_ra/status/1600511065590308872

http://85.208.136.223

# Reference: https://twitter.com/drb_ra/status/1600513368263196672

8.141.161.11:5555

# Reference: https://twitter.com/drb_ra/status/1600514131102208002

vgflab.de

# Reference: https://twitter.com/drb_ra/status/1600514743151779842

2022.gx.hvv.gxhw.work

# Reference: https://twitter.com/drb_ra/status/1600514780778954753

http://172.104.191.136
http://3.227.3.182

# Reference: https://twitter.com/drb_ra/status/1600515549250949124

http://8.134.155.21

# Reference: https://twitter.com/drb_ra/status/1600515589398732803

1.117.141.120:2222

# Reference: https://twitter.com/drb_ra/status/1600516167428444163

121.36.165.78:443

# Reference: https://twitter.com/drb_ra/status/1600516290480930816

116.251.216.137:443

# Reference: https://twitter.com/drb_ra/status/1600516736222117891

svchost20221206.ddnsfree.com

# Reference: https://twitter.com/drb_ra/status/1600517837226971136

8.134.155.21:443

# Reference: https://twitter.com/drb_ra/status/1600569969820975117

http://180.76.146.71

# Reference: https://twitter.com/drb_ra/status/1600574424901632003

d3ktcnc1w6pd1f.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1600577792197935124

america.azurewebsites.net

# Reference: https://twitter.com/drb_ra/status/1600582266958266391

43.154.27.211:8880
microsofer.top

# Reference: https://twitter.com/drb_ra/status/1600584883583291394

91.240.118.207:82

# Reference: https://twitter.com/drb_ra/status/1600590593792557058

185.239.226.16:8088

# Reference: https://twitter.com/drb_ra/status/1600591008181501955

185.216.71.178:4413

# Reference: https://twitter.com/drb_ra/status/1600591115157213186
# Reference: https://twitter.com/drb_ra/status/1600597141092765724

http://139.177.146.61
139.177.146.61:443

# Reference: https://twitter.com/drb_ra/status/1600591652049063939

157.245.50.113:443

# Reference: https://github.com/pan-unit42/tweets/blob/master/2022-12-07-IOCs-for-Bumblebee-infection-with-Cobalt-Strike.txt

ceyuvigi.com

# Reference: https://twitter.com/drb_ra/status/1600593469839446036

certindia.cf

# Reference: https://twitter.com/drb_ra/status/1600594040239624215

defend.rapidfinact.com
/contact/v5.74/ISNBCWPYQZP
/v5.74/ISNBCWPYQZP
/ISNBCWPYQZP

# Reference: https://twitter.com/drb_ra/status/1600594073429151749

googlecloudsvcs.com
/owa/iS0FOUoc0R1nWN7Fmhh3KgO9mFyhiv0hEitEO3AeyfyT
/iS0FOUoc0R1nWN7Fmhh3KgO9mFyhiv0hEitEO3AeyfyT

# Reference: https://twitter.com/drb_ra/status/1600594213523128321

198.44.132.153:8080

# Reference: https://twitter.com/drb_ra/status/1600594468503228450

http://43.140.251.169

# Reference: https://twitter.com/drb_ra/status/1600594948751036419

179.43.142.32:8081
179.43.142.35:8081
179.43.142.90:8081

# Reference: https://twitter.com/drb_ra/status/1600595967170039813

179.43.142.32:8082
179.43.142.35:8082
179.43.142.90:8082

# Reference: https://twitter.com/drb_ra/status/1600595380797902870

51.222.200.10:443

# Reference: https://twitter.com/drb_ra/status/1600595712995168257

91.240.118.218:8093

# Reference: https://twitter.com/drb_ra/status/1600596352618168321

sercieupdn.host
/change/shtml/X4XL95PABD8
/shtml/X4XL95PABD8
/X4XL95PABD8

# Reference: https://twitter.com/drb_ra/status/1600624959033905153

d2idc6pw30xvpl.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1600631563758206977

1.15.243.154:50005

# Reference: https://twitter.com/drb_ra/status/1600632833386680320

1.13.14.225:443

# Reference: https://twitter.com/drb_ra/status/1600657126086643713

3.14.15.220:443

# Reference: https://twitter.com/drb_ra/status/1600657542056710146

http://43.143.81.59

# Reference: https://twitter.com/drb_ra/status/1600658452598165507

45.32.239.191:445

# Reference: https://twitter.com/drb_ra/status/1600666255790325762

49.233.0.40:8443

# Reference: https://twitter.com/drb_ra/status/1600666280989687810

/Register/environ/L36WHWK1
/environ/L36WHWK1
/L36WHWK1

# Reference: https://twitter.com/drb_ra/status/1600666653381038083

service-a7xtku4n-1252123187.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1600806949867737093

23.106.124.188:801

# Reference: https://twitter.com/drb_ra/status/1600817738414538752

172.96.141.10:8443

# Reference: https://twitter.com/drb_ra/status/1600817821835055104

http://47.101.129.148

# Reference: https://twitter.com/drb_ra/status/1600818639011184640

43.143.81.59:443

# Reference: https://twitter.com/malware_traffic/status/1600946023165480960
# Reference: https://www.virustotal.com/gui/file/aca5df1c030674df2a2951643483c0eca05333dcb1392411f978ae625c269a7e/detection

pejapezey.com

# Reference: https://twitter.com/malware_traffic/status/1600933614531010561
# Reference: https://www.virustotal.com/gui/file/6913e5bc7b24e715cc1873522a6442a837cc74b487a10c3bf6f512a7e25e3d4d/detection

aloyadakmashin.com

# Reference: https://twitter.com/malware_traffic/status/1600953451940556801

netlifetown.com

# Reference: https://twitter.com/drb_ra/status/1600952999261642761

web.granapo.com.global.prod.fastly.net

# Reference: https://twitter.com/drb_ra/status/1600954465992974349

107.148.129.129:1433

# Reference: https://twitter.com/drb_ra/status/1600955943658856464

96.45.163.191:8087

# Reference: https://twitter.com/drb_ra/status/1600956395062435866

74.120.169.91:443

# Reference: https://twitter.com/drb_ra/status/1600956708674740244

176.113.115.3:8080

# Reference: https://twitter.com/drb_ra/status/1600956832444456978

139.177.146.61:88

# Reference: https://twitter.com/drb_ra/status/1600957028737884169

137.220.232.89:443

# Reference: https://twitter.com/drb_ra/status/1600957360905789450

103.234.72.11:18877

# Reference: https://twitter.com/drb_ra/status/1600957522826895382

86.106.74.59:54943

# Reference: https://twitter.com/drb_ra/status/1600957618415083546

http://74.120.169.91

# Reference: https://twitter.com/drb_ra/status/1600957674291601442

103.234.72.142:86

# Reference: https://twitter.com/drb_ra/status/1600972682480308243

e.17500.cn

# Reference: https://twitter.com/drb_ra/status/1600972709579706387

cdn-file.midiwo.com

# Reference: https://twitter.com/drb_ra/status/1600972738411352068

cdn-file.joyfartech.com

# Reference: https://twitter.com/drb_ra/status/1600972744140771339

s1.kagirl.cn

# Reference: https://twitter.com/drb_ra/status/1600973831123992576

http://4.228.65.217

# Reference: https://twitter.com/drb_ra/status/1600974138985832448

18.166.178.144:60000

# Reference: https://twitter.com/MichalKoczwara/status/1601179780480610304

116.62.179.202:8000

# Reference: https://twitter.com/drb_ra/status/1601178264449474562

bin.hik.icu

# Reference: https://twitter.com/drb_ra/status/1601178411984109568

205.185.115.71:443

# Reference: https://twitter.com/drb_ra/status/1601178537435840512

43.140.251.169:443

# Reference: https://twitter.com/drb_ra/status/1601179053641408512

43.139.18.81:7777

# Reference: https://twitter.com/drb_ra/status/1601180471874002945

179.43.142.47:10443

# Reference: https://twitter.com/drb_ra/status/1601181014549725184

43.159.38.188:5801
/CWoNaJLBo/VTNeWw11212/
/CWoNaJLBo/
/VTNeWw11212/

# Reference: https://twitter.com/drb_ra/status/1601227015293747201

43.249.9.15:9000

# Reference: https://twitter.com/drb_ra/status/1601227121346625537

103.231.254.188:4444

# Reference: https://twitter.com/drb_ra/status/1601227312632061953

43.142.77.246:10014

# Reference: https://twitter.com/drb_ra/status/1601227373990617088

39.99.152.41:443

# Reference: https://twitter.com/drb_ra/status/1601228025286246405

82.157.136.219:81

# Reference: https://twitter.com/drb_ra/status/1601228575969054725

pen28sja1.tk
cs.pen28sja1.tk

# Reference: https://twitter.com/drb_ra/status/1601228849412509696

service-aqum5s30-1308454369.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1601304872468578306

195.123.225.163:443

# Reference: https://twitter.com/drb_ra/status/1601304987530936322

expoglobalservice.com

# Reference: https://twitter.com/drb_ra/status/1601305191722147847

103.135.249.159:443

# Reference: https://twitter.com/drb_ra/status/1601305253281931271

137.220.232.89:81

# Reference: https://twitter.com/drb_ra/status/1601305396744015873

207.246.112.192:4433

# Reference: https://twitter.com/drb_ra/status/1601305477350100993

77.73.134.36:8080

# Reference: https://twitter.com/drb_ra/status/1601305518483578882

http://155.94.151.195

# Reference: https://twitter.com/drb_ra/status/1601305742799142915

134.122.0.158:443

# Reference: https://twitter.com/drb_ra/status/1601306001541586944

194.49.94.254:10087

# Reference: https://twitter.com/drb_ra/status/1601306817346297859

192.241.142.215:443

# Reference: https://twitter.com/drb_ra/status/1601307439365775361

179.43.142.35:8082

# Reference: https://twitter.com/drb_ra/status/1601307970385625090

47.242.74.51:8989

# Reference: https://twitter.com/drb_ra/status/1601308254377738241

124.71.84.65:443

# Reference: https://twitter.com/drb_ra/status/1601308570187960323

98.142.254.15:8080
latinacorinne.com
sso.latinacorinne.com

# Reference: https://twitter.com/drb_ra/status/1601308993351188482

103.149.200.79:9529
attck.top

# Reference: https://twitter.com/drb_ra/status/1601328963531546627

175.178.243.43:2052

# Reference: https://twitter.com/drb_ra/status/1601332498214051845

http://81.70.152.197

# Reference: https://twitter.com/drb_ra/status/1601332902100353024

104.21.54.192:8880
172.67.141.87:8880

# Reference: https://twitter.com/drb_ra/status/1601333105117335554

120.48.71.139:8081

# Reference: https://twitter.com/drb_ra/status/1601355792598310912

47.92.217.197:443

# Reference: https://twitter.com/drb_ra/status/1601355926786670594

23.95.44.36:443

# Reference: https://twitter.com/drb_ra/status/1601356285907292160

http://62.204.41.171

# Reference: https://twitter.com/drb_ra/status/1601356503532929024

164.155.99.102:7777
38.60.36.55:7777

# Reference: https://twitter.com/drb_ra/status/1601483634338316289

http://124.71.84.65

# Reference: https://twitter.com/drb_ra/status/1601484034995097600

173.82.159.59:8443
c1oudflare.tk

# Reference: https://twitter.com/drb_ra/status/1601539981268467714

39.98.67.145:8443

# Reference: https://twitter.com/drb_ra/status/1601540173615058945

104.168.11.90:2096
whereismyip.tk
cdn.whereismyip.tk

# Reference: https://twitter.com/drb_ra/status/1601540305047756800

120.24.183.94:6666

# Reference: https://twitter.com/drb_ra/status/1601543637355175937

/Remove/favorites/KM1DPMDAL
/favorites/KM1DPMDAL
/KM1DPMDAL

# Reference: https://twitter.com/drb_ra/status/1601544438202908679

8.218.99.231:443

# Reference: https://twitter.com/drb_ra/status/1601544493861306370

tender.jkub.com

# Reference: https://twitter.com/drb_ra/status/1601545328897019905

yetiorcvar.cf

# Reference: https://twitter.com/drb_ra/status/1601545634322022404

http://120.78.82.210
/adapt/v7.82/NUA9NH12F2GF
/v7.82/NUA9NH12F2GF
/NUA9NH12F2GF

# Reference: https://twitter.com/drb_ra/status/1601545755038294018

d2xoknzblbbhrj.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1601546791433936900
# Reference: https://twitter.com/drb_ra/status/1601688760030154752

http://104.21.2.52
http://154.209.82.138
http://172.67.128.185
154.209.82.138:81
whatjs.gq

# Reference: https://twitter.com/drb_ra/status/1601568436009766914

18.222.142.185:443

# Reference: https://twitter.com/drb_ra/status/1601569370559463425

129.226.201.214:9999

# Reference: https://twitter.com/drb_ra/status/1601589626300497929

80.85.154.166:443

# Reference: https://twitter.com/drb_ra/status/1601589888897392642

152.136.227.216:9977

# Reference: https://twitter.com/drb_ra/status/1601590056979947521

121.196.165.107:4444

# Reference: https://twitter.com/drb_ra/status/1601590090576322561

http://156.96.62.55

# Reference: https://twitter.com/drb_ra/status/1601590205940748290

service-jaqtuxgu-1256226576.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1601591010391429121

173.82.219.37:8099

# Reference: https://twitter.com/drb_ra/status/1601591699913981953

service-fmbftrxi-1314507962.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1601676854120677376

116.205.228.78:8001

# Reference: https://twitter.com/drb_ra/status/1601676935440248832

164.155.99.102:7777

# Reference: https://twitter.com/drb_ra/status/1601677104059363328
# Reference: https://twitter.com/drb_ra/status/1601677860133081091

103.100.62.176:8443
103.100.62.179:8443
fiashupdate.ga
update.fiashupdate.ga

# Reference: https://twitter.com/drb_ra/status/1601677411409616897

43.138.236.103:443

# Reference: https://twitter.com/drb_ra/status/1601678884126134273

198.46.131.172:443

# Reference: https://twitter.com/drb_ra/status/1601679225555398657

62.204.41.171:443

# Reference: https://twitter.com/drb_ra/status/1601679769006997509

ccce.best

# Reference: https://twitter.com/drb_ra/status/1601679963198988292

172.93.45.162:8443

# Reference: https://twitter.com/drb_ra/status/1601680425952636928

45.200.14.24:8011

# Reference: https://twitter.com/drb_ra/status/1601681442496548872

http://202.146.216.134

# Reference: https://twitter.com/drb_ra/status/1601681833040777218

49.128.198.17:6767

# Reference: https://twitter.com/drb_ra/status/1601690192703680514

service-nhvty71c-1255451648.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1601749038336024577

47.103.42.161:8022

# Reference: https://twitter.com/drb_ra/status/1601750453875867648

81.68.142.187:443

# Reference: https://twitter.com/drb_ra/status/1601782037870006273

23.105.221.97:9999

# Reference: https://twitter.com/drb_ra/status/1601782354959384577
# Reference: https://twitter.com/drb_ra/status/1601783459978133505

43.156.150.242:2095
43.156.150.242:2096

# Reference: https://twitter.com/drb_ra/status/1601783107862011906

16.162.120.141:60001

# Reference: https://twitter.com/drb_ra/status/1601783160697651201

103.233.253.147:8088

# Reference: https://twitter.com/drb_ra/status/1601902467469426688

120.78.82.210:443

# Reference: https://twitter.com/drb_ra/status/1601908316275367936

49.128.198.3:53

# Reference: https://twitter.com/drb_ra/status/1601978476000677890

107.148.129.142:443

# Reference: https://twitter.com/drb_ra/status/1601994022591021056

kaspenskyupdate.com
s15.kaspenskyupdate.com

# Reference: https://twitter.com/drb_ra/status/1602270817265524736
# Reference: https://twitter.com/drb_ra/status/1602270817265524736
# Reference: https://www.virustotal.com/gui/ip-address/172.67.138.166/relations

omg1.kasperslkyupdate.com
omg2.kasperslkyupdate.com
sn1ff1.kasperslkyupdate.com
sn1ff2.kasperslkyupdate.com

# Reference: https://twitter.com/drb_ra/status/1601995322049413120

91.245.254.116:443

# Reference: https://twitter.com/drb_ra/status/1601997014669180930

125.124.127.206:8001

# Reference: https://twitter.com/drb_ra/status/1601997515863326721

ubds.uk

# Reference: https://twitter.com/drb_ra/status/1601997723573653506

kratomleaf.strangled.net

# Reference: https://twitter.com/drb_ra/status/1601998936151040004

183.57.37.247:6666

# Reference: https://twitter.com/drb_ra/status/1601999651124781057

121.41.108.155:800

# Reference: https://twitter.com/drb_ra/status/1602000210812715012

49.234.19.234:8089

# Reference: https://twitter.com/drb_ra/status/1602001170498715649

183.57.37.247:8080

# Reference: https://twitter.com/drb_ra/status/1602054296010383360

85.209.135.49:443

# Reference: https://twitter.com/drb_ra/status/1602055100129628160

service-bzzkyay3-1304672019.bj.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1602055425569988608

185.246.221.111:8081

# Reference: https://twitter.com/drb_ra/status/1602055945613447168

155.94.156.132:10011

# Reference: https://twitter.com/drb_ra/status/1602060175594094592
# Reference: https://twitter.com/drb_ra/status/1602060501063811073

http://54.199.163.150
54.199.163.150:443

# Reference: https://twitter.com/drb_ra/status/1602115611508850689

conhoosst.com
as.conhoosst.com
qw.conhoosst.com
zx.conhoosst.com

# Reference: https://twitter.com/drb_ra/status/1602133345630134272

124.220.151.246:8443

# Reference: https://twitter.com/drb_ra/status/1602133671842091008

45.152.67.162:6443

# Reference: https://twitter.com/drb_ra/status/1602133929464668160

http://43.155.140.117

# Reference: https://twitter.com/drb_ra/status/1602133987379535879

66.94.122.94:8443

# Reference: https://twitter.com/drb_ra/status/1602134006694387712

85.117.235.185:8089

# Reference: https://twitter.com/drb_ra/status/1602134033068134401

43.128.66.61:443

# Reference: https://twitter.com/drb_ra/status/1602134228132577280

45.139.105.143:8083

# Reference: https://twitter.com/drb_ra/status/1602232670943154178

23.152.0.171:8080

# Reference: https://twitter.com/drb_ra/status/1602237948753321984

47.92.95.200:443

# Reference: https://twitter.com/drb_ra/status/1602267549537796096
# Reference: https://twitter.com/drb_ra/status/1602273393067302912

http://47.104.195.224
47.104.195.224:443

# Reference: https://twitter.com/drb_ra/status/1602267686502891520

83.217.11.6:8443

# Reference: https://twitter.com/drb_ra/status/1602271522269401088

http://47.100.180.46

# Reference: https://twitter.com/drb_ra/status/1602272312853774338

pabotelidely.tk
managers.pabotelidely.tk

# Reference: https://twitter.com/drb_ra/status/1602273337278963712

18.166.178.144:60000

# Reference: https://twitter.com/drb_ra/status/1602273592250712065

114.132.155.224:1433

# Reference: https://twitter.com/drb_ra/status/1602274034401660932

http://162.14.83.232

# Reference: https://twitter.com/drb_ra/status/1602274191578959873

179.43.142.47:8443

# Reference: https://twitter.com/drb_ra/status/1602301005877723137

dobo78a5jztmu.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1602301725561561090

120.232.254.134:7788

# Reference: https://twitter.com/drb_ra/status/1602302550174228481

82.157.125.21:443

# Reference: https://twitter.com/drb_ra/status/1602335538433884166

45.66.159.41:5556

# Reference: https://twitter.com/drb_ra/status/1602335795452469254

47.97.170.200:8086

# Reference: https://twitter.com/drb_ra/status/1602510048688750594

38.54.17.134:18080

# Reference: https://twitter.com/drb_ra/status/1602510088069054464

103.149.200.79:9530

# Reference: https://twitter.com/drb_ra/status/1602510200623202305

179.60.150.50:443

# Reference: https://twitter.com/drb_ra/status/1602510360703033345

43.128.66.61:8888

# Reference: https://twitter.com/drb_ra/status/1602511299426062336

155.94.156.132:10010

# Reference: https://twitter.com/drb_ra/status/1602511369873592320

3.8.10.84:443

# Reference: https://twitter.com/drb_ra/status/1602511429462118400

124.223.118.87:8077

# Reference: https://twitter.com/drb_ra/status/1602511750741594112

158.247.206.173:443

# Reference: https://twitter.com/drb_ra/status/1602511939887833089

server2077.microsoft-essentials.com

# Reference: https://www.virustotal.com/gui/file/595e6a0132e29481f733885bc0c0b56579a7ef7b097f4fd7c2e9d0bf00f3a69a/detection

165.227.79.69:443

# Reference: https://twitter.com/drb_ra/status/1602511975665352705
# Reference: https://twitter.com/drb_ra/status/1602512298983268352

http://154.39.250.172
http://154.39.250.188
http://154.39.250.4

# Reference: https://twitter.com/drb_ra/status/1602512060650323969

http://107.148.129.142

# Reference: https://twitter.com/drb_ra/status/1602530446415364099

39.105.93.251:44444

# Reference: https://twitter.com/drb_ra/status/1602531337918971904

http://1.117.91.33

# Reference: https://twitter.com/drb_ra/status/1602531999150907393

service-cjgyy59m-1301310284.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1602627826200580098

119.23.229.180:8000

# Reference: https://twitter.com/drb_ra/status/1602628519116275713

69.172.74.52:443

# Reference: https://twitter.com/drb_ra/status/1602629210710867968

counterforce.cc

# Reference: https://twitter.com/drb_ra/status/1602631645454110720

114.132.155.224:443

# Reference: https://twitter.com/drb_ra/status/1602632512748097536

106.12.134.91:777

# Reference: https://twitter.com/drb_ra/status/1602633860969275393

178.18.255.124:443

# Reference: https://twitter.com/drb_ra/status/1602635756824150017

47.92.95.200:8081

# Reference: https://twitter.com/drb_ra/status/1602636188535427072

43.139.69.104:8800

# Reference: https://twitter.com/drb_ra/status/1602636351177908225
# Reference: https://twitter.com/drb_ra/status/1602636578672852993

http://204.44.125.106
204.44.125.106:443

# Reference: https://twitter.com/drb_ra/status/1602687642205884416

1.13.175.57:9090

# Reference: https://twitter.com/drb_ra/status/1602837320855601153

107.174.186.22:5566

# Reference: https://twitter.com/drb_ra/status/1602867321596526593

100.125.39.72:51891
121.0.111.228:51891

# Reference: https://twitter.com/drb_ra/status/1602867458330791937

http://91.202.5.154
http://91.202.5.155

# Reference: https://twitter.com/drb_ra/status/1602867589583196160

47.242.93.231:8090

# Reference: https://twitter.com/drb_ra/status/1602867660059975680

svcchcost.com
as.svcchcost.com
qw.svcchcost.com
zx.svcchcost.com

# Reference: https://twitter.com/drb_ra/status/1602867767480385537

196.188.171.251:443

# Reference: https://twitter.com/drb_ra/status/1602867909184950274

144.202.34.78:10238

# Reference: https://twitter.com/drb_ra/status/1602868037568397312

118.99.52.8:81

# Reference: https://twitter.com/drb_ra/status/1602868634828816384

43.249.9.15:2233

# Reference: https://twitter.com/drb_ra/status/1602869032025210884

83.217.11.6:8888

# Reference: https://twitter.com/MichalKoczwara/status/1602997501183029249

47.111.139.209:9099

# Reference: https://twitter.com/drb_ra/status/1603019296564723713

193.106.191.208:443

# Reference: https://twitter.com/drb_ra/status/1603019487632048131

http://104.131.4.250

# Reference: https://twitter.com/drb_ra/status/1603020204090466304

http://81.68.219.25

# Reference: https://twitter.com/drb_ra/status/1603020559226388481

http://108.166.206.42

# Reference: https://twitter.com/drb_ra/status/1603020615581159424

194.165.16.90:8888

# Reference: https://twitter.com/drb_ra/status/1603021282001428485

sfimcdnupdate.sf-tech.com.cn.wswebpic.com

# Reference: https://twitter.com/drb_ra/status/1603021730053865473

43.139.139.56:8080

# Reference: https://twitter.com/drb_ra/status/1603023068405940227

101.43.104.60:9999
121.41.128.115:9999

# Reference: https://twitter.com/drb_ra/status/1603023145245491201

49.235.95.50:87

# Reference: https://twitter.com/drb_ra/status/1603023180393848836

39.108.0.113:443

# Reference: https://twitter.com/drb_ra/status/1603023768854695937

5.8.18.112:443

# Reference: https://twitter.com/drb_ra/status/1603024311870160901

77.73.133.84:8443

# Reference: https://twitter.com/drb_ra/status/1603025219110813697

http://43.142.184.130

# Reference: https://twitter.com/drb_ra/status/1603026407084462081

/register/space/FKV1SW8E42
/space/FKV1SW8E42
/FKV1SW8E42

# Reference: https://twitter.com/drb_ra/status/1603028014089981953

tumbleproperty.com
/put/intracorp/XG4VY9UN3
/intracorp/XG4VY9UN3
/XG4VY9UN3

# Reference: https://twitter.com/drb_ra/status/1603030172114075649

114.116.99.27:6666

# Reference: https://twitter.com/drb_ra/status/1603031259785183235

206.119.75.229:443

# Reference: https://twitter.com/drb_ra/status/1603032351444967425

1.14.198.89:8011

# Reference: https://twitter.com/drb_ra/status/1603032435716923392

m1crosoft.xyz
ns.m1crosoft.xyz

# Reference: https://twitter.com/drb_ra/status/1603032930103730180

http://43.142.31.225

# Reference: https://twitter.com/drb_ra/status/1603037531964162055

service-f28fmeum-1256527261.gz.apigw.tencentcs.com

# Reference: https://twitter.com/morimolymoly2/status/1602853090952028160
# Reference: https://www.virustotal.com/gui/file/e7416d41625d8e0391d281ba1c73ecda1dc1e543571f9badfe8ba0776a8e01fa/detection
# Reference: https://www.virustotal.com/gui/file/9d2507cf867f22e1d967fcbc0f429a3dd5334ecb8561febff6813c4476c59534/detection

18.65.162.119:443

# Reference: https://twitter.com/drb_ra/status/1603046341030068227

deyanggov.cf

# Reference: https://twitter.com/drb_ra/status/1603050458507055106

103.36.196.60:1233
nocc.cc

# Reference: https://twitter.com/drb_ra/status/1603055119460974594

http://80.85.154.166

# Reference: https://twitter.com/drb_ra/status/1603067539231326209

1.12.55.126:9988

# Reference: https://twitter.com/KorbenD_Intel/status/1603097779970129920

192.225.226.13:444
configlive.work.gd

# Reference: https://twitter.com/drb_ra/status/1603185614710620162

http://43.205.159.189

# Reference: https://twitter.com/drb_ra/status/1603186560094060545
# Reference: https://twitter.com/drb_ra/status/1603187103256526851

34.221.248.35:8080
34.221.248.35:8443
support-fbi.tk

# Reference: https://twitter.com/drb_ra/status/1603187210697801728

23.224.42.29:443

# Reference: https://twitter.com/drb_ra/status/1603198738729762816

47.100.232.223:443

# Reference: https://twitter.com/drb_ra/status/1603198822905221120

124.222.248.86:20011

# Reference: https://twitter.com/drb_ra/status/1603349604824662016

http://81.70.11.25

# Reference: https://twitter.com/drb_ra/status/1603349988985167872

43.142.60.207:8080

# Reference: https://twitter.com/drb_ra/status/1603350393735503872

124.70.100.184:4567

# Reference: https://twitter.com/drb_ra/status/1603351622247129088

39.98.50.48:9999

# Reference: https://www.virustotal.com/gui/file/38ded8ef84cd8b943b872aa8d8d23414f6e5a6f8d21e7701fa968a8226c2d736/detection
# Reference: https://www.virustotal.com/gui/file/3448110f3cbe194f5b0e0be0c2a417ff187f93f4bdfe051d516aa7b76c6c3c30/detection
# Reference: https://www.virustotal.com/gui/file/b5e5e3d8edd64bae2566c4a942c9352939623c246f33b135f826eb0355451a1e/detection

155.94.163.74:8086
155.94.163.74:8989
/DogCsDogCsDogCs.js

# Reference: https://twitter.com/KorbenD_Intel/status/1603474496849121281

kykyses.com
lyrasafety.com
cdn.lyrasafety.com
23-227-194-86.static.hvvc.us

# Reference: https://twitter.com/drb_ra/status/1603354137508384768

117.50.184.22:7676

# Reference: https://twitter.com/drb_ra/status/1603355269983002624

13.251.35.194:443
/Collect/Press/XPH6TIID3
/Press/XPH6TIID3
/XPH6TIID3

# Reference: https://twitter.com/drb_ra/status/1603414785172901889

http://43.138.178.132
http://43.138.171.18

# Reference: https://twitter.com/drb_ra/status/1603417512720437248

178.128.229.91:8443

# Reference: https://twitter.com/drb_ra/status/1603417987943383041

sunbelt.azureedge.net

# Reference: https://twitter.com/drb_ra/status/1603418985374048257

156.226.22.243:8823

# Reference: https://twitter.com/drb_ra/status/1603420748357451787

185.217.1.30:8080

# Reference: https://twitter.com/drb_ra/status/1603438034741075968

/design/modem/Q2BN7DY75TA
/modem/Q2BN7DY75TA
/Q2BN7DY75TA

# Reference: https://twitter.com/drb_ra/status/1603438086163206144

104.131.4.250:443

# Reference: https://twitter.com/drb_ra/status/1603494355775414276

http://121.5.235.93

# Reference: https://twitter.com/drb_ra/status/1603494452642947072

http://47.92.194.151

# Reference: https://twitter.com/drb_ra/status/1603495458118197256

101.43.188.175:6666

# Reference: https://twitter.com/drb_ra/status/1603495478187941916

217.76.51.196:443

# Reference: https://twitter.com/drb_ra/status/1603496279249674242

rainclv.com
/communicate/font/BXM8R04T
/font/BXM8R04T
/BXM8R04T

# Reference: https://twitter.com/drb_ra/status/1603497289678479363

http://123.57.131.96

# Reference: https://twitter.com/drb_ra/status/1603500936655151105

216.127.189.241:8381

# Reference: https://twitter.com/drb_ra/status/1603502301506928640

103.170.72.243:8443
zhwp.cf
b.zhwp.cf

# Reference: https://twitter.com/drb_ra/status/1603504642821865473

45.192.182.192:443
redshark.cc

# Reference: https://twitter.com/drb_ra/status/1603561572948910080

dllhost.ddnsfree.com

# Reference: https://twitter.com/drb_ra/status/1603561602481094657

150.158.152.94:30001

# Reference: https://twitter.com/drb_ra/status/1603562569939165186

183.57.37.247:6666

# Reference: https://isc.sans.edu/diary/rss/29344
# Reference: https://otx.alienvault.com/pulse/639c251cccbd8ca49a40f4e5

http://199.127.62.132
http://46.4.182.102
http://176.105.202.212
190.61.121.35:443
bukifide.com
kingoflake.com
/adcs4

# Reference: https://twitter.com/drb_ra/status/1603707039804440576

47.242.74.51:7676

# Reference: https://twitter.com/drb_ra/status/1603707077850963969

buy-smart-home.com
/Explode/v9.46/6XA443OHVHK9
/v9.46/6XA443OHVHK9
/6XA443OHVHK9

# Reference: https://twitter.com/drb_ra/status/1603707166837424128

n3wf1nd3r.ga
n3w.n3wf1nd3r.ga

# Reference: https://twitter.com/drb_ra/status/1603707198214914051

51.210.243.38:6969

# Reference: https://twitter.com/drb_ra/status/1603707266192089088

d1jhkwbbq0yo0s.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1603707380658851841

8.212.49.116:2053

# Reference: https://twitter.com/drb_ra/status/1603707654198771713

http://70.34.249.7

# Reference: https://twitter.com/drb_ra/status/1603707706191347713

62.204.41.155:443

# Reference: https://www.virustotal.com/gui/file/5c39ebda58d5cbd9e09eebd022ecc93c92be2e034f5d7a338b68b2ff43a76c56/detection

apt10.team

# Reference: https://twitter.com/malwrhunterteam/status/1603732526270398464
# Reference: https://www.virustotal.com/gui/file/3c3e7bfc845499eef9596e7775c02f19aa6456514d440895f8ff4993d50802ac/detection

218.95.37.218:32654

# Reference: https://twitter.com/drb_ra/status/1603731493276229633

109.94.208.57:8080

# Reference: https://twitter.com/drb_ra/status/1603731597261520896

http://43.142.103.57

# Reference: https://twitter.com/drb_ra/status/1603732577453481984

svchost20221216.ddnsfree.com

# Reference: https://twitter.com/drb_ra/status/1603732727538278400

43.136.128.160:8443
dnehtb.cn

# Reference: https://twitter.com/drb_ra/status/1603771723849023489
# Reference: https://twitter.com/drb_ra/status/1603772003466575874

d.hik.icu
cs.d.hik.icu

# Reference: https://twitter.com/drb_ra/status/1603780234289074182
# Reference: https://twitter.com/drb_ra/status/1603780590007984134

http://195.189.96.208
195.189.96.208:443

# Reference: https://twitter.com/drb_ra/status/1603857179865407509
# Reference: https://twitter.com/drb_ra/status/1603857335880933386
# Reference: https://twitter.com/drb_ra/status/1603857799330648064
# Reference: https://twitter.com/drb_ra/status/1603858881880416257
# Reference: https://twitter.com/drb_ra/status/1603859191445311490
# Reference: https://twitter.com/drb_ra/status/1603862140426850304
# Reference: https://twitter.com/drb_ra/status/1603862329741152256
# Reference: https://twitter.com/drb_ra/status/1603862422279839756
# Reference: https://twitter.com/drb_ra/status/1603865028607762433
# Reference: https://twitter.com/drb_ra/status/1603867921842855952

209.182.227.146:4444
209.182.227.146:8080
209.182.227.146:8888
209.182.227.147:8080
209.182.227.147:8888
209.182.227.148:4444
209.182.227.149:8080
209.182.227.149:8888
209.182.227.150:4444
209.182.227.150:8888
kucujiju.com
/split/v4.70/7HPBUZJP5
/v4.70/7HPBUZJP5
/7HPBUZJP5

# Reference: https://twitter.com/drb_ra/status/1603858069829607424

http://149.28.31.122

# Reference: https://twitter.com/drb_ra/status/1603858511120719878

47.242.55.170:2053

# Reference: https://twitter.com/drb_ra/status/1603858742189121551
# Reference: https://twitter.com/drb_ra/status/1603863459963232276

push.azureedge.net
push01.azureedge.net

# Reference: https://twitter.com/drb_ra/status/1603860506321772544

84.32.128.5:88

# Reference: https://twitter.com/drb_ra/status/1603860772265811970

216.24.243.181:9999

# Reference: https://twitter.com/drb_ra/status/1603863711210512384

191.101.78.79:8090
attlasian.wiki

# Reference: https://twitter.com/drb_ra/status/1603863901602471939

thebluewhale-habshgd4cfgpa0gt.z01.azurefd.net

# Reference: https://twitter.com/drb_ra/status/1603864161733206021

http://62.204.41.155

# Reference: https://twitter.com/drb_ra/status/1603867100170358784

27.122.59.226:443

# Reference: https://twitter.com/drb_ra/status/1603867324259393555

palaltocloud.online

# Reference: https://twitter.com/drb_ra/status/1603874642149662727

42.193.154.14:8001

# Reference: https://twitter.com/drb_ra/status/1603875223341785098

favls.com

# Reference: https://twitter.com/drb_ra/status/1603875864827027458

172.96.141.10:8443
ffiash.top
m.ffiash.top

# Reference: https://twitter.com/drb_ra/status/1603876027167563778

http://47.57.6.34

# Reference: https://twitter.com/drb_ra/status/1603878442763751425

39.101.198.2:8448

# Reference: https://www.elastic.co/security-labs/siestagraph-new-implant-uncovered-in-asean-member-foreign-ministry

http://185.239.70.229

# Reference: https://twitter.com/drb_ra/status/1603960264054956033

http://116.62.207.46

# Reference: https://twitter.com/drb_ra/status/1603960430342217730

service-e2k45q5k-1313934947.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1603961001979920384

service-gp6xrjkz-1314128526.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1603961254367956992

27.122.59.226:18088

# Reference: https://twitter.com/drb_ra/status/1603961452381016065

107.174.186.22:8090

# Reference: https://twitter.com/drb_ra/status/1603961529086492672

154.12.35.138:88

# Reference: https://twitter.com/drb_ra/status/1604086894102544384

http://124.220.189.243
http://218.60.93.132

# Reference: https://twitter.com/drb_ra/status/1604087054081613824
# Reference: https://twitter.com/drb_ra/status/1604087247669796869

77.73.134.23:10443
77.73.134.23:443
cloudmane.online

# Reference: https://twitter.com/drb_ra/status/1604087081722060803

42.192.54.106:3333

# Reference: https://twitter.com/drb_ra/status/1604203219579699201

81.68.142.187:4444

# Reference: https://twitter.com/drb_ra/status/1604203238122655745

43.132.122.84:443

# Reference: https://twitter.com/drb_ra/status/1604203259379359744

43.201.154.194:8080

# Reference: https://twitter.com/drb_ra/status/1604203326664368128

193.42.24.169:8773

# Reference: https://twitter.com/drb_ra/status/1604203399196856321

http://107.172.208.88

# Refereence: https://twitter.com/drb_ra/status/1604203636434898944

http://87.251.67.166

# Reference: https://twitter.com/drb_ra/status/1604203719532466176

144.34.161.133:9033

# Reference: https://twitter.com/drb_ra/status/1604203830849474560

http://195.133.53.186

# Reference: https://twitter.com/drb_ra/status/1604203943135162368

http://149.127.232.17

# Reference: https://twitter.com/drb_ra/status/1604233361177956353

192.3.231.208:8080
qax666.tk

# Reference: https://twitter.com/drb_ra/status/1604233695728209920
# Reference: https://www.virustotal.com/gui/ip-address/45.32.54.126/relations

www-baibu-com.website
www-souhu-com.tk

# Reference: https://twitter.com/drb_ra/status/1604233896606007299

45.77.43.207:8443

# Reference: https://twitter.com/drb_ra/status/1604290987798532096

http://81.70.213.54

# Reference: https://twitter.com/drb_ra/status/1604314762950631424

23.21.80.137:443

# Reference: https://twitter.com/drb_ra/status/1604314832236417027
# Reference: https://twitter.com/drb_ra/status/1604314914297896962

http://23.254.225.252
23.254.225.252:443
microupdate.online

# Reference: https://twitter.com/drb_ra/status/1604314937412784128

47.100.69.112:31111

# Reference: https://twitter.com/drb_ra/status/1604314961488101376

http://43.138.27.134

# Reference: https://twitter.com/drb_ra/status/1604315272151719936

1.12.55.126:8088

# Reference: https://twitter.com/drb_ra/status/1604482374858842113

119.29.1.212:9088

# Reference: https://twitter.com/drb_ra/status/1604482582477164544

103.233.253.147:2000

# Reference: https://twitter.com/drb_ra/status/1604482762165129222

103.233.253.147:8088

# Reference: https://twitter.com/drb_ra/status/1604494167501062146

143.198.243.87:443
/Devise/v2.7/5WSUDPEX
/v2.7/5WSUDPEX
/5WSUDPEX

# Reference: https://twitter.com/drb_ra/status/1604508607172644865

1.14.198.89:44477

# Reference: https://twitter.com/drb_ra/status/1604508697882935299

8.134.96.195:443

# Reference: https://twitter.com/drb_ra/status/1604653278842724357

119.29.1.212:8077

# Reference: https://twitter.com/drb_ra/status/1604763348301668352

43.139.7.93:443

# Reference: https://twitter.com/drb_ra/status/1604803615977345026

162.14.82.171:12345

# Reference: https://twitter.com/drb_ra/status/1604803645098401792

47.92.223.223:801

# Reference: https://twitter.com/drb_ra/status/1604803725742178304

43.142.77.246:10020

# Reference: https://twitter.com/drb_ra/status/1604803843702800385

152.136.212.69:55001

# Reference: https://twitter.com/drb_ra/status/1604803981707993088

42.192.19.75:8891

# Reference: https://twitter.com/drb_ra/status/1604804020589273088

http://39.98.50.48

# Reference: https://twitter.com/drb_ra/status/1604804040675704834

43.139.225.176:88

# Reference: https://twitter.com/drb_ra/status/1604804056542855169

47.114.151.215:8088

# Reference: https://twitter.com/drb_ra/status/1604804114923372547

39.106.90.73:40001

# Reference: https://twitter.com/drb_ra/status/1604804159701663748

cmdatabase.com

# Reference: https://twitter.com/drb_ra/status/1604874454500360195

116.49.14.117:9900

# Reference: https://twitter.com/drb_ra/status/1604875239720198152

15.164.155.60:443

# Reference: https://twitter.com/drb_ra/status/1604950805668323328

82.157.145.115:888

# Reference: https://twitter.com/drb_ra/status/1604951519023054849

81.71.162.183:8081

# Reference: https://twitter.com/drb_ra/status/1604952019860656129

103.42.31.253:5555

# Reference: https://twitter.com/drb_ra/status/1604953410373033991

77.73.134.23:445

# Reference: https://twitter.com/drb_ra/status/1604954504155353098
# Reference: https://twitter.com/drb_ra/status/1604954760850935809

94.131.2.19:443
94.131.2.19:8090
wustat-microsoft.com

# Reference: https://twitter.com/drb_ra/status/1604955173985681408

http://198.167.204.119
http://45.14.165.125

# Reference: https://twitter.com/drb_ra/status/1604955308622757889

135.148.97.180:8443
eserverx.com

# Reference: https://twitter.com/drb_ra/status/1604955851785228292

185.225.70.147:8080
twistettransistor.com
sso.twistettransistor.com

# Reference: https://twitter.com/drb_ra/status/1604960721758048268

185.163.45.132:443

# Reference: https://twitter.com/drb_ra/status/1604961444424044555

170.64.138.9:443

# Reference: https://twitter.com/drb_ra/status/1604962713234559015

5.188.86.196:443

# Reference: https://twitter.com/drb_ra/status/1604962806746566668

170.64.248.225:443

# Reference: https://twitter.com/drb_ra/status/1605035489656016896

154.209.74.154:3001

# Reference: https://twitter.com/drb_ra/status/1605131960078180353

http://45.76.97.48

# Reference: https://twitter.com/drb_ra/status/1605132071210467328

efgpfsbwjdwuivxyjwdx.com

# Reference: https://twitter.com/drb_ra/status/1605212843313401856

23.105.214.171:8080

# Reference: https://twitter.com/drb_ra/status/1605213101472858114

http://179.60.150.99

# Reference: https://twitter.com/drb_ra/status/1605214504823955457

http://5.188.86.196

# Reference: https://twitter.com/drb_ra/status/1605215076079833088

http://173.82.206.184

# Reference: https://twitter.com/drb_ra/status/1605215126759641089

49.232.191.102:443

# Reference: https://twitter.com/drb_ra/status/1605215195693039616

15.164.155.60:8888

# Reference: https://twitter.com/drb_ra/status/1605215528859189249

58.64.193.172:4443
buyshipping.ml
lin.buyshipping.ml

# Reference: https://twitter.com/drb_ra/status/1605228151365304322

http://82.157.251.237

# Reference: https://twitter.com/drb_ra/status/1605229651814748160

http://43.140.252.193

# Reference: https://twitter.com/drb_ra/status/1605229946103861250

121.199.0.54:8080

# Reference: https://twitter.com/drb_ra/status/1605231065752387586

124.71.84.65:8443

# Reference: https://twitter.com/drb_ra/status/1605231193502486529

7ce7c755fc664713a372e9ee635698da.apig.cn-east-3.huaweicloudapis.com

# Reference: https://twitter.com/drb_ra/status/1605231576656351233

47.242.58.73:8899

# Reference: https://twitter.com/drb_ra/status/1605232188827619328

ukmedia.store

# Reference: https://twitter.com/drb_ra/status/1605233357394255876

202.95.19.215:443

# Reference: https://twitter.com/drb_ra/status/1605233588152274944

110.40.199.147:443

# Reference: https://twitter.com/drb_ra/status/1605233913995091971

5.188.86.237:443
/functionalStatus/2JYbAmfY5gYNj7UrgAte5p1jXx2V
/2JYbAmfY5gYNj7UrgAte5p1jXx2V

# Reference: https://twitter.com/drb_ra/status/1605234165124849664

45.81.128.189:443
81.28.12.12:443
bdstatic.cf
static.bdstatic.cf

# Reference: https://twitter.com/drb_ra/status/1605234379772633089

194.165.16.58:443

# Reference: https://twitter.com/drb_ra/status/1605235651456139264

49.234.35.197:443

# Reference: https://twitter.com/drb_ra/status/1605286014754476059
# Reference: https://twitter.com/drb_ra/status/1605286424777052161

http://206.54.190.246
206.54.190.246:443

# Reference: https://twitter.com/drb_ra/status/1605286079594102784

216.83.45.202:443

# Reference: https://twitter.com/drb_ra/status/1605286130131390465

103.127.124.139:8443
dns-google.net

# Reference: https://twitter.com/drb_ra/status/1605286183818481670

155.133.27.151:8080

# Reference: https://twitter.com/drb_ra/status/1605286215904907280

lucky365.games
c1.lucky365.games

# Reference: https://twitter.com/drb_ra/status/1605286359949889544

rectificatelanguage.com
h3.rectificatelanguage.com

# Reference: https://twitter.com/drb_ra/status/1605286692352675848

154.209.74.154:443

# Reference: https://twitter.com/drb_ra/status/1605383504606515202

43.140.200.42:443

# Reference: https://twitter.com/drb_ra/status/1605383600760885248

http://1.116.160.60

# Reference: https://twitter.com/drb_ra/status/1605383727625928706

http://1.116.160.39

# Reference: https://twitter.com/drb_ra/status/1605383994182361090

http://134.209.72.110

# Reference: https://twitter.com/drb_ra/status/1605384093306437633

103.21.208.170:9889

# Reference: https://twitter.com/drb_ra/status/1605428551251116038

serensa.nl
/functionalStatus/8-ddQOE0ZmY7GUmymBx7eVPEmmty
/8-ddQOE0ZmY7GUmymBx7eVPEmmty

# Reference: https://twitter.com/drb_ra/status/1605428710743707648

42.192.54.106:3333

# Reference: https://twitter.com/drb_ra/status/1605428742049959937

42.192.19.75:8899

# Reference: https://twitter.com/drb_ra/status/1605428793639936001

109.94.208.57:443

# Reference: https://twitter.com/drb_ra/status/1605528889094295553

121.127.233.205:443

# Reference: https://twitter.com/drb_ra/status/1605529735840366593

120.26.240.21:55443

# Reference: https://twitter.com/drb_ra/status/1605530846441738240

http://81.70.167.153

# Reference: https://twitter.com/drb_ra/status/1605531028235378688

45.152.67.162:6443
ceshi897.tk
zyba.ceshi897.tk
service-7tllas30-1313419091.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1605531767540269056

mcrsoffice.workers.dev
update.mcrsoffice.workers.dev

# Reference: https://twitter.com/drb_ra/status/1605531980417867779

43.139.225.176:443

# Reference: https://twitter.com/drb_ra/status/1605532752203350016

43.140.200.42:8005

# Reference: https://twitter.com/drb_ra/status/1605566641013669888
# Reference: https://twitter.com/drb_ra/status/1605567081805668352

http://195.189.99.114
195.189.99.114:8443

# Reference: https://twitter.com/drb_ra/status/1605567580542046208

http://149.28.195.210

# Reference: https://twitter.com/MichalKoczwara/status/1605646765134385153

http://175.178.73.224

# Reference: https://twitter.com/drb_ra/status/1605660913813553153

173.82.206.184:4433

# Reference: https://twitter.com/drb_ra/status/1605661137923629069

194.49.94.254:10086

# Reference: https://twitter.com/drb_ra/status/1605661192751562752

180.76.166.65:9110

# Reference: https://twitter.com/drb_ra/status/1605663932915515392

http://192.227.155.201

# Reference: https://twitter.com/drb_ra/status/1605664463109120009

poasnm.com

# Reference: https://twitter.com/drb_ra/status/1605738740818886656

http://79.137.207.137

# Reference: https://twitter.com/drb_ra/status/1605756113848246274

51.210.243.38:8085

# Reference: https://twitter.com/drb_ra/status/1605756616225263618

43.139.19.125:8585

# Reference: https://twitter.com/drb_ra/status/1605756726631882753

5.181.86.249:443
afspd.com

# Reference: https://twitter.com/drb_ra/status/1605756899453968384

23.160.193.145:443

# Reference: https://twitter.com/drb_ra/status/1605889028934475777

logedin1.kasperslkyupdate.com
logedin2.kasperslkyupdate.com

# Reference: https://twitter.com/drb_ra/status/1605925142252617728

4.205.51.119:8443

# Reference: https://twitter.com/drb_ra/status/1605925959097585666

4.205.51.119:8088

# Reference: https://twitter.com/drb_ra/status/1605926077066526722

4.205.51.119:8082

# Reference: https://twitter.com/drb_ra/status/1605926089649541122

4.205.51.119:8089

# Reference: https://twitter.com/TheDFIRReport/status/1605922731165466625

no-cs.cf

# Reference: https://twitter.com/drb_ra/status/1606076684423380993
# Reference: https://github.com/pan-unit42/tweets/blob/master/2022-12-20-IOCs-for-IcedID-infection-with-Cobalt-Strike.txt

http://209.182.227.138
xedefeg.com

# Reference: https://twitter.com/drb_ra/status/1606038375839965190

88.218.192.70:443

# Reference: https://twitter.com/drb_ra/status/1606095038999568390

47.117.127.175:60001

# Reference: https://twitter.com/drb_ra/status/1606095106901147648

http://3.145.195.94

# Reference: https://twitter.com/drb_ra/status/1606288843946196994

38.6.155.73:8023

# Reference: https://twitter.com/drb_ra/status/1606289140554895361

http://91.213.50.35
/Start/ps/INHCOEVIG
/ps/INHCOEVIG
/INHCOEVIG

# Reference: https://twitter.com/drb_ra/status/1606289033117802503

service-r0ft855s-1303896379.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1606289542755008513

chrome-net.com
protect.chrome-net.com

# Reference: https://twitter.com/drb_ra/status/1606289697113882624

144.91.72.189:4444

# Reference: https://twitter.com/drb_ra/status/1606289756673003522

141.147.170.170:60001
vivio.icu
atk.vivio.icu

# Reference: https://twitter.com/drb_ra/status/1606290068666195969

185.246.221.128:886

# Reference: https://twitter.com/drb_ra/status/1606290157598040065

66.42.38.47:8443

# Reference: https://twitter.com/drb_ra/status/1606290324539822080

http://62.204.41.237

# Reference: https://twitter.com/drb_ra/status/1606374242328739840

216.83.38.235:8081

# Reference: https://twitter.com/drb_ra/status/1606374327896739840

85.209.135.49:8045

# Reference: https://twitter.com/drb_ra/status/1606374348604022786

198.12.74.39:8045

# Reference: https://twitter.com/drb_ra/status/1606374372394123265

37.58.62.182:8088

# Reference: https://twitter.com/drb_ra/status/1606374402521763848

http://64.227.132.76

# Reference: https://twitter.com/drb_ra/status/1606374567257247750

62.204.41.237:443

# Reference: https://twitter.com/drb_ra/status/1606374608206274561

http://107.148.49.83

# Reference: https://twitter.com/drb_ra/status/1606374656268767246

aashiyana.tatasteel.com
dsadtegd.global.ssl.fastly.net
/Remove/v7.61/B1S2VYTPUV
/v7.61/B1S2VYTPUV
/B1S2VYTPUV

# Reference: https://twitter.com/drb_ra/status/1606374725445423121

121.5.102.72:8889

# Reference: https://twitter.com/drb_ra/status/1606374952357269520

http://51.195.200.8

# Reference: https://twitter.com/drb_ra/status/1606374979918041110

37.58.62.182:8089

# Reference: https://twitter.com/drb_ra/status/1606377217797328905

81.70.11.25:443

# Reference: https://twitter.com/drb_ra/status/1606402957720920072

43.143.237.87:5678

# Reference: https://twitter.com/drb_ra/status/1606460589232070656

http://5.181.86.249

# Reference: https://twitter.com/drb_ra/status/1606479304753291267

http://45.13.234.14

# Reference: https://twitter.com/drb_ra/status/1606480123200475137

144.202.41.66:443
soltonbigs.com

# Reference: https://twitter.com/drb_ra/status/1606480567725445120

85.239.52.175:8443
blendrender.com

# Reference: https://twitter.com/Kostastsale/status/1606552747977117697
# Reference: https://twitter.com/Kostastsale/status/1606552749671612416
# Reference: https://www.virustotal.com/gui/file/be0eae80515553de45108c8d3c6d54dda7597536968031dc40c732c0961ec6fa/detection
# Reference: https://www.virustotal.com/gui/file/4b89d259196985a0c49253c58fee8182a1ae5482af84ba2ed39cc98d798f60de/detection
# Reference: https://www.virustotal.com/gui/file/cf7e9ef49ff3572505c46646c37a24d32caee5a1d5a01e7c75b9943f613977b4/detection
# Reference: https://www.virustotal.com/gui/file/cb458362e56ace4b3f2859a2e340fa5afefcff4e46acff0ba5968a1d4c9e439e/detection
# Reference: https://www.virustotal.com/gui/file/3eff337f68d8a4946fcd338af9537175b91279133fad3bacab855cca891d403e/detection

http://194.104.136.70
104.36.231.98:443
111.90.143.233:443
111.90.143.218:8443
46.174.236.175:443
ineoserver.com
johnjeffriesphotography.com
vosuxizen.com

# Reference: https://twitter.com/drb_ra/status/1606604532657659905

193.47.61.29:8080

# Reference: https://twitter.com/drb_ra/status/1606605569460142080

5.255.106.106:443

# Reference: https://twitter.com/drb_ra/status/1606606265592995840

43.138.178.132:443

# Reference: https://twitter.com/drb_ra/status/1606609337002205184

49.232.90.103:8443

# Reference: https://twitter.com/drb_ra/status/1606610567090814976

91.240.118.209:1025

# Reference: https://twitter.com/drb_ra/status/1606611143870521344

121.37.5.94:7777

# Reference: https://twitter.com/drb_ra/status/1606611291908579331

119.3.194.221:8080

# Reference: https://twitter.com/drb_ra/status/1606611856503734272

sslmcd.com
ns1.sslmcd.com
ns2.sslmcd.com
ns3.sslmcd.com
ns4.sslmcd.com

# Reference: https://twitter.com/drb_ra/status/1606613398233534465

43.139.116.197:8888

# Reference: https://twitter.com/drb_ra/status/1606614494192476160

117.50.184.22:8686

# Reference: https://twitter.com/drb_ra/status/1606615859077812225

8.131.94.164:7443

# Reference: https://twitter.com/drb_ra/status/1606655604847788034

http://1.116.119.183

# Reference: https://twitter.com/drb_ra/status/1606679555082784768

http://101.43.109.197

# Reference: https://twitter.com/drb_ra/status/1606679725262442496

43.138.51.36:8443

# Reference: https://twitter.com/drb_ra/status/1606679806271262720

service-jjtklb1e-1307868367.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1606726602171244546
# Reference: https://twitter.com/drb_ra/status/1606840404565004288
# Reference: https://twitter.com/drb_ra/status/1607100130615824384

http://163.123.142.146
163.123.142.146:443
163.123.142.146:4444
updatemicrotok.online

# Reference: https://twitter.com/drb_ra/status/1606726836225966083

8.134.63.69:443

# Reference: https://twitter.com/drb_ra/status/1606727097711579136

167.71.221.51:12336

# Reference: https://twitter.com/drb_ra/status/1606764460785418242

http://194.165.16.58

# Reference: https://twitter.com/drb_ra/status/1606839527099842560

45.13.234.14:443

# Reference: https://twitter.com/drb_ra/status/1606839902531977222

1.15.54.42:443

# Reference: https://twitter.com/drb_ra/status/1606840018252832769
# Reference: https://twitter.com/drb_ra/status/1606840816437284865

185.225.73.244:443
185.225.73.244:8080
/Def/zips/O9QEMOIHX5
/zips/O9QEMOIHX5
/O9QEMOIHX5

# Reference: https://twitter.com/drb_ra/status/1606840241805041664

http://106.52.85.114

# Reference: https://twitter.com/drb_ra/status/1606840531245490179

43.156.150.242:2087
update.micsoft365.online

# Reference: https://twitter.com/drb_ra/status/1606840637789274112

1.116.119.183:443

# Reference: https://twitter.com/drb_ra/status/1606841085745061888

http://23.160.193.145

# Reference: https://twitter.com/drb_ra/status/1606941443607650304

106.75.218.220:8443

# Reference: https://www.virustotal.com/gui/file/60d86f1572fe85b08530ac8877fc604c81dc1256977d05e4cc646dba3b18fc46/detection

112.253.30.50:8443

# Reference: https://twitter.com/drb_ra/status/1607099097898524680

http://194.195.254.159

# Reference: https://twitter.com/drb_ra/status/1607099144157503488

http://47.92.25.232

# Reference: https://twitter.com/drb_ra/status/1607099302265896962

zfuxwvouqvnttpsrxe.tech

# Reference: https://twitter.com/drb_ra/status/1607099737991270400

152.89.239.35:8443
activate.anondns.net
deb.anondns.net
luckycloud.anondns.net
luckys3c.anondns.net
luckysec.anondns.net
unlucky.anondns.net
webmail.unlucky.anondns.net

# Reference: https://twitter.com/drb_ra/status/1607099894057115651

one-gaming-store.com
/Level/v3.7/CB7OWFLKPZBB
/v3.7/CB7OWFLKPZBB
/CB7OWFLKPZBB

# Reference: https://twitter.com/drb_ra/status/1607100021513617410

37.58.62.182:7086

# Reference: https://twitter.com/drb_ra/status/1607100295359733760

101.99.90.111:443

# Reference: https://twitter.com/drb_ra/status/1607125598807154688

45.159.251.95:443

# Reference: https://twitter.com/drb_ra/status/1607129431625039872

5.188.86.237:1433

# Reference: https://twitter.com/drb_ra/status/1607130966363115520

183.57.37.247:6666

# Reference: https://twitter.com/drb_ra/status/1607133721374736389

http://106.75.218.220

# Reference: https://twitter.com/drb_ra/status/1607200082461446144

84.32.190.176:445

# Reference: https://twitter.com/drb_ra/status/1607200280877142016

45.61.136.213:1443

# Reference: https://twitter.com/drb_ra/status/1607200460833693698

http://154.204.43.31

# Refereence: https://twitter.com/drb_ra/status/1607200640500989952

155.248.180.127:9998

# Reference: https://twitter.com/drb_ra/status/1607201297605820416

http://20.225.139.12

# Reference: https://twitter.com/drb_ra/status/1607336571715440648

120.48.124.220:3333

# Reference: https://twitter.com/drb_ra/status/1607336697271926786

43.249.9.15:7788

# Reference: https://twitter.com/drb_ra/status/1607337369048416256

d2keqa7g0xnve6.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1607337415689048066

121.196.165.107:6666

# Reference: https://twitter.com/drb_ra/status/1607337762079866881

d16vrz45pe7l8i.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1607338662219456513

58.64.193.172:8800

# Reference: https://twitter.com/drb_ra/status/1607338710344802305

thcloud.tk

# Reference: https://twitter.com/drb_ra/status/1607339054772764672

195.189.99.114:9443

# Reference: https://twitter.com/drb_ra/status/1607339258125209600

http://106.75.247.178
http://106.75.218.220

# Reference: https://twitter.com/drb_ra/status/1607392039838093312

91.215.85.132:443

# Reference: https://twitter.com/drb_ra/status/1607392368927318016

smallpetlive.com
/Read/v7.18/GKCFMRN0K
/v7.18/GKCFMRN0K
/GKCFMRN0K

# Reference: https://twitter.com/drb_ra/status/1607392584107794434

101.43.188.175:6666
chidao.icu
laxstore.top
chidao.laxstore.top

# Reference: https://twitter.com/drb_ra/status/1607392735211692034

124.223.181.21:8080

# Reference: https://twitter.com/drb_ra/status/1607392946931879941

43.138.105.228:81

# Reference: https://twitter.com/drb_ra/status/1607431866881114113

107.148.129.142:8080

# Reference: https://twitter.com/drb_ra/status/1607465328195289088

107.173.122.218:51004

# Reference: https://twitter.com/drb_ra/status/1607465460743782400

107.173.122.218:51002

# Reference: https://twitter.com/drb_ra/status/1607465557233745920

http://1.116.161.177

# Reference: https://twitter.com/drb_ra/status/1607465926298828800

103.253.43.197:8285

# Reference: https://twitter.com/drb_ra/status/1607466091541839873

101.99.90.18:443
update.viewdns.net

# Reference: https://twitter.com/drb_ra/status/1607466146210480130

107.173.122.218:51001

# Reference: https://twitter.com/drb_ra/status/1607466171325943809

185.207.154.114:61444

# Reference: https://twitter.com/drb_ra/status/1607466323507920898

106.52.85.114:443

# Reference: https://twitter.com/drb_ra/status/1607466417024024577

217.160.247.34:443

# Reference: https://twitter.com/drb_ra/status/1607466671203127300

http://162.14.97.126

# Reference: https://twitter.com/drb_ra/status/1607468059056373761

service-nl25bhib-1257451595.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1607563281262166016

120.79.64.164:8088

# Reference: https://twitter.com/drb_ra/status/1607563369367703552

101.99.90.18:8008
update.viewdns.net

# Reference: https://twitter.com/drb_ra/status/1607563406667616257

34.92.28.142:443

# Reference: https://twitter.com/drb_ra/status/1607564115861544964

117.50.184.22:6565

# Reference: https://twitter.com/drb_ra/status/1607564516773986306

3.76.40.105:443

# Reference: https://twitter.com/drb_ra/status/1607672265382006784

103.234.72.104:8099

# Reference: https://twitter.com/drb_ra/status/1607682028836687872

43.134.231.129:443

# Reference: https://twitter.com/drb_ra/status/1607698992858537984

124.222.18.35:8080

# Reference: https://twitter.com/drb_ra/status/1607710044203655168

http://120.27.147.74

# Reference: https://twitter.com/drb_ra/status/1607722363105189889

43.138.111.120:7788

# Reference: https://twitter.com/drb_ra/status/1607722461662945281

43.138.46.178:8081

# Reference: https://twitter.com/drb_ra/status/1607722732510236674

1.14.66.24:4444

# Reference: https://twitter.com/drb_ra/status/1607783324071649281

1.15.223.31:443

# Reference: https://twitter.com/drb_ra/status/1607823183805136900

185.106.94.9:8080
itbusinessusa.com

# Reference: https://twitter.com/drb_ra/status/1607823265212293123

173.255.249.221:8443

# Reference: https://twitter.com/drb_ra/status/1607823821230280704

116.204.75.118:33334

# Reference: https://twitter.com/drb_ra/status/1607823924795940867

194.87.46.87:443

# Reference: https://twitter.com/drb_ra/status/1607824112302317569

114.116.46.131:10010

# Reference: https://twitter.com/drb_ra/status/1607824161400832002

193.42.33.218:443
/Arrange/v7.66/X4A12FDAI
/v7.66/X4A12FDAI
/X4A12FDAI

# Reference: https://www.virustotal.com/gui/file/888750cee6858ec2c6131628caa562be26b1c65ecaeff4addcbf73a456c99517/detection

jquery.ink
time.jquery.ink
update.jquery.ink
www2.jquery.ink
32274.time.jquery.ink
32274.update.jquery.ink
50419.time.jquery.ink
50419.update.jquery.ink
5564.time.jquery.ink
5564.update.jquery.ink
55997.time.jquery.ink
55997.update.jquery.ink
65024.time.jquery.ink
65024.update.jquery.ink
68191.time.jquery.ink
68191.update.jquery.ink
96093.time.jquery.ink
96093.update.jquery.ink

# Reference: https://twitter.com/drb_ra/status/1607863524285452292

108.62.118.131:443
zobagip.com
/verify/v1.5/QWDPDEXPSQW
/v1.5/QWDPDEXPSQW
/QWDPDEXPSQW

# Reference: https://twitter.com/drb_ra/status/1607864676305485826

108.62.118.15:443
fomeyogo.com
/queue/click/07B4WD8R
/click/07B4WD8R
/07B4WD8R

# Reference: https://twitter.com/drb_ra/status/1607865521227137026

testwscdn.m.37.com

# Reference: https://twitter.com/drb_ra/status/1607924092329418753

84.32.128.43:8080
gimsvalued.com
sso.gimsvalued.com

# Reference: https://twitter.com/drb_ra/status/1607924280242601984

107.174.247.46:443
/Calculate/v3.43/OYOOC2RKXQN
/v3.43/OYOOC2RKXQN
/OYOOC2RKXQN

# Reference: https://twitter.com/drb_ra/status/1607924575236505602

http://34.221.248.35

# Reference: https://twitter.com/drb_ra/status/1607924646778732544

45.32.29.160:443

# Reference: https://twitter.com/drb_ra/status/1607924825678389248

apacheorg.wiki

# Reference: https://twitter.com/drb_ra/status/1607924905806266372

storkxzsvc.com
as.storkxzsvc.com
qw.storkxzsvc.com
zx.storkxzsvc.com

# Reference: https://twitter.com/drb_ra/status/1607925146412613633

45.63.86.75:443

# Reference: https://twitter.com/drb_ra/status/1608060782893322241

192.3.231.208:8443

# Reference: https://twitter.com/drb_ra/status/1608065179949957122

64.44.168.92:443

# Refereence: https://twitter.com/drb_ra/status/1608146845229891585

service-rjphyzhq-1309482780.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1608190027175022596

43.143.143.20:8281

# Reference: https://twitter.com/drb_ra/status/1608190075816361988

wv2022.com
a.wv2022.com

# Reference: https://twitter.com/drb_ra/status/1608190245241061377

154.204.43.31:443

# Reference: https://twitter.com/drb_ra/status/1608190329164898306

microsoft-stroge.co

# Reference: https://twitter.com/drb_ra/status/1608190389105709056

http://193.149.185.189

# Reference: https://twitter.com/drb_ra/status/1608190417794732032

43.128.72.129:443

# Reference: https://twitter.com/drb_ra/status/1608190462522703878

140.238.17.238:8899

# Reference: https://twitter.com/drb_ra/status/1608190802303352837

84.32.128.43:8443

# Reference: https://twitter.com/drb_ra/status/1608190922201747458

120.26.222.234:443

# Reference: https://twitter.com/drb_ra/status/1608190954959249408

http://155.138.139.238

# Reference: https://twitter.com/drb_ra/status/1608190981442093057

43.143.137.6:8081

# Reference: https://twitter.com/drb_ra/status/1608191412087947267

45.89.55.207:8080

# Reference: https://twitter.com/drb_ra/status/1608191451938127873

194.135.24.253:443

# Reference: https://twitter.com/drb_ra/status/1608191498910040070

213.227.140.7:8088

# Reference: https://twitter.com/drb_ra/status/1608191799792734208

http://155.138.150.70

# Reference: https://twitter.com/drb_ra/status/1608191923830902788

service-g5fx6god-1257451595.sh.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1608192006861242368

first-site.workers.dev
gc.first-site.workers.dev
/eBjC5xrj65Gxaa1652

# Reference: https://twitter.com/drb_ra/status/1608192049659973633

103.100.157.218:88

# Reference: https://twitter.com/drb_ra/status/1608192080882372611

http://96.43.92.72

# Reference: https://twitter.com/drb_ra/status/1608217251978551300

213.227.140.7:8089
j7aaycd6fe6mpp.ddns.net

# Reference: https://twitter.com/drb_ra/status/1608273548073922560

43.139.156.186:443

# Reference: https://twitter.com/drb_ra/status/1608275546290683904

4.205.51.119:8084

# Reference: https://twitter.com/drb_ra/status/1608275629690228736

154.7.253.59:8080

# Reference: https://twitter.com/drb_ra/status/1608275947693961221

http://8.209.215.82

# Reference: https://twitter.com/drb_ra/status/1608276264238084096

103.100.157.214:88

# Reference: https://twitter.com/drb_ra/status/1608427381676539905

101.43.109.197:8080

# Reference: https://twitter.com/drb_ra/status/1608530748415377416

1.15.141.252:443

# Reference: https://twitter.com/drb_ra/status/1608531028720717826

114.132.204.191:443

# Reference: https://twitter.com/MichalKoczwara/status/1608756413874212865

8.210.141.104:8000

# Reference: https://twitter.com/drb_ra/status/1608550588844851202

198.55.96.55:10001

# Reference: https://twitter.com/drb_ra/status/1608550647124590598

216.24.243.168:443

# Reference: https://twitter.com/drb_ra/status/1608550684059701249

104.243.35.146:8081

# Reference: https://twitter.com/drb_ra/status/1608550766742061057

103.100.157.207:88

# Reference: https://twitter.com/drb_ra/status/1608550811231031296

154.92.15.67:33389

# Reference: https://twitter.com/drb_ra/status/1608550922275233798

167.235.150.252:444

# Reference: https://twitter.com/drb_ra/status/1608551060687265792

154.26.192.35:443

# Reference: https://twitter.com/drb_ra/status/1608551216312639488

cdnverificationlinks.com
api.cdnverificationlinks.com
msupdate.cdnverificationlinks.com

# Reference: https://twitter.com/drb_ra/status/1608551540918304772

c-c-backelmjyx.cn-shanghai.fcapp.run

# Reference: https://twitter.com/drb_ra/status/1608551613530005505

185.225.70.147:9443

# Reference: https://twitter.com/drb_ra/status/1608577900902600704

http://3.145.195.94

# Reference: https://twitter.com/drb_ra/status/1608580310400122885

140.143.232.178:8081

# Reference: https://twitter.com/drb_ra/status/1608654028321210369

http://35.236.161.97

# Reference: https://twitter.com/drb_ra/status/1608654053650878465

154.83.14.152:2080

# Reference: https://twitter.com/drb_ra/status/1608654528710168577

http://51.91.99.2

# Reference: https://twitter.com/drb_ra/status/1608654584511078402

http://23.227.193.33

# Reference: https://twitter.com/drb_ra/status/1608654779089043456

107.174.186.22:8091

# Reference: https://twitter.com/drb_ra/status/1608654810579869696

http://140.210.218.254

# Reference: https://twitter.com/drb_ra/status/1608654852510326786

43.156.3.238:2096

# Reference: https://twitter.com/drb_ra/status/1608654998040100869

4.234.97.10:8443
amazooon.ga
jijiya.amazooon.ga

# Reference: https://twitter.com/drb_ra/status/1608655159961190402

23.227.193.33:443

# Reference: https://twitter.com/drb_ra/status/1608655244031844352

d3ktcnc1w6pd1f.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1608770120339300355

101.34.76.186:443

# Reference: https://twitter.com/drb_ra/status/1608770844553056256

5.188.86.237:443
/messages/M7so250O7gw3QLSuuuMkwnE3V
/M7so250O7gw3QLSuuuMkwnE3V

# Reference: https://twitter.com/drb_ra/status/1608771977136709635
# Reference: https://twitter.com/drb_ra/status/1608830889655427074

http://101.34.83.66
101.34.83.66:443

# Reference: https://twitter.com/drb_ra/status/1608782563933306881

110.41.131.105:7777

# Reference: https://twitter.com/drb_ra/status/1608784770237976576

kar98k.icu

# Reference: https://twitter.com/drb_ra/status/1608786327872458753

http://140.143.232.178
http://61.163.146.230

# Reference: https://twitter.com/drb_ra/status/1608787601271439360

101.43.240.159:801

# Reference: https://twitter.com/drb_ra/status/1608810446273892353

39.101.67.58:443

# Reference: https://twitter.com/drb_ra/status/1608813638382505985

49.232.222.254:9443

# Reference: https://twitter.com/drb_ra/status/1608814254039220224

d2vl0gdro49u3c.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1608830625036865537

d194zjmj02lpmi.cloudfront.net

# Reference: https://twitter.com/drb_ra/status/1608833548894470144

159.138.29.51:443

# Reference: https://twitter.com/drb_ra/status/1608836054152318977

140.210.218.254:7777

# Reference: https://twitter.com/drb_ra/status/1608837348363567107

falsespace.space

# Reference: https://twitter.com/drb_ra/status/1608839102560108544

45.148.120.196:443

# Reference: https://twitter.com/drb_ra/status/1609000257664188418

188.166.208.240:2096
360niubiclass.tk
searchme.360niubiclass.tk

# Reference: https://twitter.com/drb_ra/status/1609000367496241153

195.133.11.134:2222

# Reference: https://twitter.com/drb_ra/status/1609000665035988993

xia0hel.tk

# Reference: https://twitter.com/drb_ra/status/1609001099951759361

5.188.86.194:443

# Reference: https://twitter.com/drb_ra/status/1609117009060446208

117.50.175.21:443

# Reference: https://www.virustotal.com/gui/file/40a12d67c7e0e4f2620a3c4c4341de875265c6661aaad384de6238f8cdf8d111/detection

117.50.175.21:77

# Reference: https://twitter.com/drb_ra/status/1609147019628527620

43.156.3.238:2095

# Reference: https://twitter.com/drb_ra/status/1609147644521201665
# Reference: https://twitter.com/drb_ra/status/1609148674206060544

http://185.227.154.118
185.227.154.118:443

# Reference: https://twitter.com/drb_ra/status/1609148642908164096

service-bqos07se-1301870681.gz.apigw.tencentcs.com

# Reference: https://twitter.com/drb_ra/status/1609150367488434176

124.221.133.199:8080
