# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.volexity.com/blog/2022/06/15/driftingcloud-zero-day-sophos-firewall-exploitation-and-an-insidious-breach/
# Reference: https://github.com/volexity/threat-intel/blob/main/2022/2022-06-15%20DriftingCloud%20-%20Zero-Day%20Sophos%20Firewall%20Exploitation%20and%20an%20Insidious%20Breach/indicators/indicators.csv

http://158.247.200.24
http://180.149.38.136
http://185.82.218.66
http://192.248.152.58
http://209.250.231.67
http://5.188.228.40
http://95.85.71.20
http://95.85.71.23
akamprod.com
servusers.com
u2d.servusers.com
googleanalytics.proxydns.com