Update June 2023

2023-06-23 09:10:04 +02:00 · 2023-06-23 09:10:04 +02:00 · 0955ba53e2
parent b057cc617d
commit 0955ba53e2
159 changed files with 17762 additions and 15274 deletions
--- a/Files/README.md
+++ b/Files/README.md
@ -0,0 +1,64 @@
+# .IMG Files - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [.IMG Files](https://vuldb.com/?actor..img_files). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor..img_files](https://vuldb.com/?actor..img_files)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with .IMG Files:
+
+* [CN](https://vuldb.com/?country.cn)
+* [US](https://vuldb.com/?country.us)
+* [DE](https://vuldb.com/?country.de)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of .IMG Files.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [185.101.94.172](https://vuldb.com/?ip.185.101.94.172) | kruxaw.de | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _.IMG Files_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+2 | T1068 | CWE-269 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
+3 | T1505 | CWE-89 | SQL Injection | High
+4 | ... | ... | ... | ...
+
+There are 1 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by .IMG Files. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `/uncpath/` | Medium
+2 | File | `PARAM.SFO` | Medium
+3 | File | `prod.php` | Medium
+4 | ... | ... | ...
+
+There are 1 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://blogs.cisco.com/security/disk-image-deception-incident-response
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/0ktapus/README.md
+++ b/actors/0ktapus/README.md
@ -93,7 +93,7 @@ ID | Type | Indicator | Confidence
 36 | File | `/uncpath/` | Medium
 37 | ... | ... | ...

-There are 320 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 321 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/5ss5c/README.md
+++ b/actors/5ss5c/README.md
@ -0,0 +1,53 @@
+# 5ss5c - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [5ss5c](https://vuldb.com/?actor.5ss5c). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.5ss5c](https://vuldb.com/?actor.5ss5c)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with 5ss5c:
+
+* [CN](https://vuldb.com/?country.cn)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of 5ss5c.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [58.221.158.90](https://vuldb.com/?ip.58.221.158.90) | - | - | High
+2 | [61.186.243.2](https://vuldb.com/?ip.61.186.243.2) | - | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _5ss5c_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1068 | CWE-269 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by 5ss5c. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `rpc.kstatd` | Medium
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://bartblaze.blogspot.com/2020/01/satan-ransomware-rebrands-as-5ss5c.html?m=1
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/APT-C-36/README.md
+++ b/actors/APT-C-36/README.md
@ -79,52 +79,47 @@ ID | Type | Indicator | Confidence
 28 | File | `/index.php?app=main&func=passport&action=login` | High
 29 | File | `/index.php?page=category_list` | High
 30 | File | `/items/view_item.php` | High
-31 | File | `/jsoa/hntdCustomDesktopActionContent` | High
-32 | File | `/lookin/info` | Medium
-33 | File | `/manager/index.php` | High
+31 | File | `/jobinfo/` | Medium
+32 | File | `/jsoa/hntdCustomDesktopActionContent` | High
+33 | File | `/lookin/info` | Medium
 34 | File | `/medical/inventories.php` | High
 35 | File | `/modules/profile/index.php` | High
-36 | File | `/modules/projects/vw_files.php` | High
-37 | File | `/modules/public/calendar.php` | High
-38 | File | `/Moosikay/order.php` | High
-39 | File | `/mygym/admin/index.php?view_exercises` | High
-40 | File | `/newsDia.php` | Medium
-41 | File | `/opac/Actions.php?a=login` | High
-42 | File | `/out.php` | Medium
-43 | File | `/php-opos/index.php` | High
-44 | File | `/PreviewHandler.ashx` | High
-45 | File | `/proxy` | Low
-46 | File | `/public/launchNewWindow.jsp` | High
-47 | File | `/Redcock-Farm/farm/category.php` | High
-48 | File | `/reports/rwservlet` | High
-49 | File | `/reservation/add_message.php` | High
-50 | File | `/sacco_shield/manage_user.php` | High
-51 | File | `/spip.php` | Medium
-52 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
-53 | File | `/staff/bookdetails.php` | High
-54 | File | `/uncpath/` | Medium
-55 | File | `/user/updatePwd` | High
-56 | File | `/user/update_booking.php` | High
-57 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
-58 | File | `/wireless/security.asp` | High
-59 | File | `/wordpress/wp-admin/options-general.php` | High
-60 | File | `/wp-admin/admin-ajax.php` | High
-61 | File | `01article.php` | High
-62 | File | `a-forms.php` | Medium
-63 | File | `AbstractScheduleJob.java` | High
-64 | File | `actionphp/download.File.php` | High
-65 | File | `activenews_view.asp` | High
-66 | File | `adclick.php` | Medium
-67 | File | `addtocart.asp` | High
-68 | File | `admin.a6mambocredits.php` | High
-69 | File | `admin.cropcanvas.php` | High
-70 | File | `admin.php` | Medium
-71 | File | `admin/abc.php` | High
-72 | File | `admin/admin.php?action=users&mode=info&user=2` | High
-73 | File | `admin/admin/adminsave.html` | High
-74 | ... | ... | ...
+36 | File | `/modules/public/calendar.php` | High
+37 | File | `/Moosikay/order.php` | High
+38 | File | `/mygym/admin/index.php?view_exercises` | High
+39 | File | `/newsDia.php` | Medium
+40 | File | `/opac/Actions.php?a=login` | High
+41 | File | `/out.php` | Medium
+42 | File | `/php-opos/index.php` | High
+43 | File | `/PreviewHandler.ashx` | High
+44 | File | `/proxy` | Low
+45 | File | `/public/launchNewWindow.jsp` | High
+46 | File | `/Redcock-Farm/farm/category.php` | High
+47 | File | `/reports/rwservlet` | High
+48 | File | `/reservation/add_message.php` | High
+49 | File | `/spip.php` | Medium
+50 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
+51 | File | `/staff/bookdetails.php` | High
+52 | File | `/uncpath/` | Medium
+53 | File | `/user/updatePwd` | High
+54 | File | `/user/update_booking.php` | High
+55 | File | `/var/lib/docker/<remapping>` | High
+56 | File | `/wireless/security.asp` | High
+57 | File | `/wp-admin/admin-ajax.php` | High
+58 | File | `01article.php` | High
+59 | File | `a-forms.php` | Medium
+60 | File | `AbstractScheduleJob.java` | High
+61 | File | `actionphp/download.File.php` | High
+62 | File | `activenews_view.asp` | High
+63 | File | `adclick.php` | Medium
+64 | File | `admin.a6mambocredits.php` | High
+65 | File | `admin.cropcanvas.php` | High
+66 | File | `admin.php` | Medium
+67 | File | `admin/abc.php` | High
+68 | File | `admin/admin.php?action=users&mode=info&user=2` | High
+69 | ... | ... | ...

-There are 647 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 607 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/APT10/README.md
+++ b/actors/APT10/README.md
@ -119,7 +119,7 @@ ID | Type | Indicator | Confidence
 33 | File | `addentry.php` | Medium
 34 | ... | ... | ...

-There are 295 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 292 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/APT27/README.md
+++ b/actors/APT27/README.md
@ -102,7 +102,7 @@ ID | Type | Indicator | Confidence
 39 | File | `admin_gallery.php3` | High
 40 | ... | ... | ...

-There are 348 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 349 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/APT29/README.md
+++ b/actors/APT29/README.md
@ -70,7 +70,7 @@ ID | Technique | Weakness | Description | Confidence
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...

-There are 19 more TTP items available. Please use our online service to access the data.
+There are 20 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -93,36 +93,37 @@ ID | Type | Indicator | Confidence
 13 | File | `/api/v2/cli/commands` | High
 14 | File | `/app/options.py` | High
 15 | File | `/attachments` | Medium
-16 | File | `/boat/login.php` | High
-17 | File | `/bsms_ci/index.php/book` | High
-18 | File | `/cgi-bin` | Medium
-19 | File | `/cgi-bin/luci/api/wireless` | High
-20 | File | `/cgi-bin/wlogin.cgi` | High
-21 | File | `/context/%2e/WEB-INF/web.xml` | High
-22 | File | `/dashboard/reports/logs/view` | High
-23 | File | `/debian/patches/load_ppp_generic_if_needed` | High
-24 | File | `/debug/pprof` | Medium
-25 | File | `/DXR.axd` | Medium
-26 | File | `/etc/hosts` | Medium
-27 | File | `/forum/away.php` | High
-28 | File | `/goform/setmac` | High
-29 | File | `/goform/wizard_end` | High
-30 | File | `/manage-apartment.php` | High
-31 | File | `/medicines/profile.php` | High
-32 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
-33 | File | `/owa/auth/logon.aspx` | High
-34 | File | `/pages/apply_vacancy.php` | High
-35 | File | `/proc/<PID>/mem` | High
-36 | File | `/project/PROJECTNAME/reports/` | High
-37 | File | `/proxy` | Low
-38 | File | `/reservation/add_message.php` | High
-39 | File | `/spip.php` | Medium
-40 | File | `/tmp` | Low
-41 | File | `/uncpath/` | Medium
-42 | File | `/upload` | Low
-43 | ... | ... | ...
+16 | File | `/bin/ate` | Medium
+17 | File | `/boat/login.php` | High
+18 | File | `/bsms_ci/index.php/book` | High
+19 | File | `/cgi-bin` | Medium
+20 | File | `/cgi-bin/luci/api/wireless` | High
+21 | File | `/cgi-bin/wlogin.cgi` | High
+22 | File | `/context/%2e/WEB-INF/web.xml` | High
+23 | File | `/dashboard/reports/logs/view` | High
+24 | File | `/debian/patches/load_ppp_generic_if_needed` | High
+25 | File | `/debug/pprof` | Medium
+26 | File | `/DXR.axd` | Medium
+27 | File | `/env` | Low
+28 | File | `/etc/hosts` | Medium
+29 | File | `/forum/away.php` | High
+30 | File | `/goform/setmac` | High
+31 | File | `/goform/wizard_end` | High
+32 | File | `/manage-apartment.php` | High
+33 | File | `/medicines/profile.php` | High
+34 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
+35 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
+36 | File | `/owa/auth/logon.aspx` | High
+37 | File | `/pages/apply_vacancy.php` | High
+38 | File | `/php-sms/admin/?page=user/manage_user` | High
+39 | File | `/proc/<PID>/mem` | High
+40 | File | `/project/PROJECTNAME/reports/` | High
+41 | File | `/proxy` | Low
+42 | File | `/reservation/add_message.php` | High
+43 | File | `/spip.php` | Medium
+44 | ... | ... | ...

-There are 369 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 381 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/APT3/README.md
+++ b/actors/APT3/README.md
@ -20,7 +20,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [RU](https://vuldb.com/?country.ru)
 * ...

-There are 26 more country items available. Please use our online service to access the data.
+There are 24 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -58,35 +58,35 @@ ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
 1 | File | `/+CSCOE+/logon.html` | High
 2 | File | `/.ssh/authorized_keys` | High
-3 | File | `/ajax/networking/get_netcfg.php` | High
-4 | File | `/api/gen/clients/{language}` | High
-5 | File | `/app/options.py` | High
-6 | File | `/bin/httpd` | Medium
-7 | File | `/cgi-bin/wapopen` | High
-8 | File | `/ci_spms/admin/category` | High
-9 | File | `/ci_spms/admin/search/searching/` | High
-10 | File | `/classes/Master.php?f=delete_appointment` | High
-11 | File | `/classes/Master.php?f=delete_train` | High
-12 | File | `/cms/print.php` | High
-13 | File | `/concat?/%2557EB-INF/web.xml` | High
-14 | File | `/Content/Template/root/reverse-shell.aspx` | High
-15 | File | `/ctcprotocol/Protocol` | High
-16 | File | `/dashboard/menu-list.php` | High
-17 | File | `/data/remove` | Medium
-18 | File | `/ebics-server/ebics.aspx` | High
-19 | File | `/ffos/classes/Master.php?f=save_category` | High
-20 | File | `/forum/away.php` | High
-21 | File | `/goforms/rlminfo` | High
-22 | File | `/HNAP1` | Low
-23 | File | `/HNAP1/SetClientInfo` | High
-24 | File | `/Items/*/RemoteImages/Download` | High
-25 | File | `/menu.html` | Medium
-26 | File | `/modules/profile/index.php` | High
-27 | File | `/navigate/navigate_download.php` | High
-28 | File | `/ocwbs/admin/?page=user/manage_user` | High
-29 | File | `/ofrs/admin/?page=user/manage_user` | High
-30 | File | `/out.php` | Medium
-31 | File | `/owa/auth/logon.aspx` | High
+3 | File | `/ajax.php?action=read_msg` | High
+4 | File | `/ajax/networking/get_netcfg.php` | High
+5 | File | `/api/gen/clients/{language}` | High
+6 | File | `/app/options.py` | High
+7 | File | `/bin/httpd` | Medium
+8 | File | `/cgi-bin/wapopen` | High
+9 | File | `/ci_spms/admin/category` | High
+10 | File | `/ci_spms/admin/search/searching/` | High
+11 | File | `/classes/Master.php?f=delete_appointment` | High
+12 | File | `/classes/Master.php?f=delete_train` | High
+13 | File | `/cms/print.php` | High
+14 | File | `/concat?/%2557EB-INF/web.xml` | High
+15 | File | `/Content/Template/root/reverse-shell.aspx` | High
+16 | File | `/ctcprotocol/Protocol` | High
+17 | File | `/dashboard/menu-list.php` | High
+18 | File | `/data/remove` | Medium
+19 | File | `/ebics-server/ebics.aspx` | High
+20 | File | `/ffos/classes/Master.php?f=save_category` | High
+21 | File | `/forum/away.php` | High
+22 | File | `/goforms/rlminfo` | High
+23 | File | `/HNAP1` | Low
+24 | File | `/HNAP1/SetClientInfo` | High
+25 | File | `/Items/*/RemoteImages/Download` | High
+26 | File | `/menu.html` | Medium
+27 | File | `/modules/profile/index.php` | High
+28 | File | `/navigate/navigate_download.php` | High
+29 | File | `/ocwbs/admin/?page=user/manage_user` | High
+30 | File | `/ofrs/admin/?page=user/manage_user` | High
+31 | File | `/out.php` | Medium
 32 | File | `/password.html` | High
 33 | File | `/php_action/fetchSelectedUser.php` | High
 34 | File | `/proc/ioports` | High
@ -100,10 +100,9 @@ ID | Type | Indicator | Confidence
 42 | File | `/spip.php` | Medium
 43 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
 44 | File | `/sys/dict/queryTableData` | High
-45 | File | `/tmp` | Low
-46 | ... | ... | ...
+45 | ... | ... | ...

-There are 403 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 385 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/Acidbox/README.md
+++ b/actors/Acidbox/README.md
@ -0,0 +1,30 @@
+# Acidbox - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Acidbox](https://vuldb.com/?actor.acidbox). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.acidbox](https://vuldb.com/?actor.acidbox)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Acidbox.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [2.2.0.0](https://vuldb.com/?ip.2.2.0.0) | - | - | High
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://unit42.paloaltonetworks.com/acidbox-rare-malware/
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/ActionSpy/README.md
+++ b/actors/ActionSpy/README.md
@ -0,0 +1,30 @@
+# ActionSpy - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [ActionSpy](https://vuldb.com/?actor.actionspy). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.actionspy](https://vuldb.com/?actor.actionspy)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of ActionSpy.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [114.215.41.93](https://vuldb.com/?ip.114.215.41.93) | - | - | High
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://blog.trendmicro.com/trendlabs-security-intelligence/new-android-spyware-actionspy-revealed-via-phishing-attacks-from-earth-empusa/
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/Unknown/README.md
+++ b/Unknown/README.md
@ -3967,10 +3967,10 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-29, CWE-35, CWE-36 | Pathname Traversal | High
-2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
+1 | T1006 | CWE-21, CWE-22, CWE-29, CWE-35, CWE-36, CWE-50 | Pathname Traversal | High
+2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
+4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
 5 | ... | ... | ... | ...

 There are 18 more TTP items available. Please use our online service to access the data.
@ -3993,53 +3993,51 @@ ID | Type | Indicator | Confidence
 10 | File | `/admin/report/index.php` | High
 11 | File | `/admin/user/manage_user.php` | High
 12 | File | `/admin/userprofile.php` | High
-13 | File | `/cgi-bin/activate.cgi` | High
-14 | File | `/cgi-bin/kerbynet` | High
-15 | File | `/cgi-bin/wapopen` | High
-16 | File | `/cgi-bin/wlogin.cgi` | High
-17 | File | `/classes/Master.php?f=delete_service` | High
-18 | File | `/classes/Master.php?f=save_course` | High
-19 | File | `/E-mobile/App/System/File/downfile.php` | High
-20 | File | `/Electron/download` | High
-21 | File | `/export` | Low
-22 | File | `/feeds/post/publish` | High
-23 | File | `/form/index.php?module=getjson` | High
-24 | File | `/forum/away.php` | High
-25 | File | `/goform/addRouting` | High
-26 | File | `/goform/form2Wan.cgi` | High
-27 | File | `/goform/WifiGuestSet` | High
-28 | File | `/inc/jquery/uploadify/uploadify.php` | High
-29 | File | `/inc/topBarNav.php` | High
-30 | File | `/index.php/archives/1/comment` | High
-31 | File | `/index.php?app=main&func=passport&action=login` | High
-32 | File | `/index.php?page=category_list` | High
-33 | File | `/KK_LS9ReportingPortal/GetData` | High
-34 | File | `/Moosikay/order.php` | High
-35 | File | `/opac/Actions.php?a=login` | High
-36 | File | `/PreviewHandler.ashx` | High
-37 | File | `/proxy` | Low
-38 | File | `/public/launchNewWindow.jsp` | High
-39 | File | `/queuing/login.php` | High
-40 | File | `/reservation/add_message.php` | High
-41 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
-42 | File | `/send_order.cgi?parameter=access_detect` | High
-43 | File | `/spip.php` | Medium
-44 | File | `/text/pdf/PdfReader.java` | High
-45 | File | `/ueditor/net/controller.ashx?action=catchimage` | High
-46 | File | `/upload` | Low
-47 | File | `/user/updatePwd` | High
-48 | File | `/utils/ToHtmlServlet.java` | High
-49 | File | `/vaccinated/admin/maintenance/manage_location.php` | High
-50 | File | `/var/log/nginx/html/ADMINPASS` | High
-51 | File | `/var/log/webfsd.log` | High
-52 | File | `/wbms/classes/Master.php?f=delete_client` | High
-53 | File | `/wp-admin/admin-ajax.php` | High
-54 | File | `/xxl-job-admin/user/add` | High
-55 | File | `404Like.php` | Medium
-56 | File | `a-forms.php` | Medium
-57 | ... | ... | ...
+13 | File | `/api/upload.php` | High
+14 | File | `/application/common.php#action_log` | High
+15 | File | `/bin/ate` | Medium
+16 | File | `/bitrix/admin/ldap_server_edit.php` | High
+17 | File | `/cgi-bin/activate.cgi` | High
+18 | File | `/cgi-bin/kerbynet` | High
+19 | File | `/cgi-bin/wapopen` | High
+20 | File | `/cgi-bin/wlogin.cgi` | High
+21 | File | `/classes/Master.php?f=delete_service` | High
+22 | File | `/classes/Master.php?f=save_course` | High
+23 | File | `/classes/Users.php?f=save` | High
+24 | File | `/E-mobile/App/System/File/downfile.php` | High
+25 | File | `/Electron/download` | High
+26 | File | `/export` | Low
+27 | File | `/feeds/post/publish` | High
+28 | File | `/form/index.php?module=getjson` | High
+29 | File | `/forum/away.php` | High
+30 | File | `/goForm/aspForm` | High
+31 | File | `/goform/form2Wan.cgi` | High
+32 | File | `/inc/jquery/uploadify/uploadify.php` | High
+33 | File | `/inc/topBarNav.php` | High
+34 | File | `/index.php/archives/1/comment` | High
+35 | File | `/index.php?app=main&func=passport&action=login` | High
+36 | File | `/index.php?page=category_list` | High
+37 | File | `/jobinfo/` | Medium
+38 | File | `/KK_LS9ReportingPortal/GetData` | High
+39 | File | `/librarian/bookdetails.php` | High
+40 | File | `/login.php` | Medium
+41 | File | `/Moosikay/order.php` | High
+42 | File | `/opac/Actions.php?a=login` | High
+43 | File | `/PreviewHandler.ashx` | High
+44 | File | `/proxy` | Low
+45 | File | `/queuing/login.php` | High
+46 | File | `/reservation/add_message.php` | High
+47 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
+48 | File | `/send_order.cgi?parameter=access_detect` | High
+49 | File | `/sys/user/querySysUser?username=admin` | High
+50 | File | `/text/pdf/PdfReader.java` | High
+51 | File | `/ueditor/net/controller.ashx?action=catchimage` | High
+52 | File | `/upload` | Low
+53 | File | `/user/updatePwd` | High
+54 | File | `/utils/ToHtmlServlet.java` | High
+55 | ... | ... | ...

-There are 494 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 481 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/Stealer/README.md
+++ b/Stealer/README.md
@ -44,19 +44,20 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic

 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `/admin/login.php` | High
-2 | File | `/api/file_uploader.php` | High
-3 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
-4 | File | `/mgmt/tm/util/bash` | High
-5 | File | `/mifs/c/i/reg/reg.html` | High
-6 | File | `/secure/admin/ViewInstrumentation.jspa` | High
-7 | File | `/secure/ViewCollectors` | High
-8 | File | `/Session` | Medium
-9 | File | `/xAdmin/html/cm_doclist_view_uc.jsp` | High
-10 | File | `adclick.php` | Medium
-11 | File | `add_comment.php` | High
-12 | File | `board.php` | Medium
-13 | ... | ... | ...
+1 | File | `/+CSCOE+/logon.html` | High
+2 | File | `/admin/login.php` | High
+3 | File | `/api/file_uploader.php` | High
+4 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
+5 | File | `/mgmt/tm/util/bash` | High
+6 | File | `/mifs/c/i/reg/reg.html` | High
+7 | File | `/secure/admin/ViewInstrumentation.jspa` | High
+8 | File | `/secure/ViewCollectors` | High
+9 | File | `/Session` | Medium
+10 | File | `/xAdmin/html/cm_doclist_view_uc.jsp` | High
+11 | File | `adclick.php` | Medium
+12 | File | `add_comment.php` | High
+13 | File | `board.php` | Medium
+14 | ... | ... | ...

 There are 106 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

--- a/actors/Amadey/README.md
+++ b/actors/Amadey/README.md
@ -100,34 +100,34 @@ ID | Type | Indicator | Confidence
 17 | File | `/api/stl/actions/search` | High
 18 | File | `/api/v2/cli/commands` | High
 19 | File | `/APR/login.php` | High
-20 | File | `/bin/httpd` | Medium
-21 | File | `/boat/login.php` | High
-22 | File | `/cgi-bin` | Medium
-23 | File | `/cgi-bin/wapopen` | High
-24 | File | `/cgi-bin/wlogin.cgi` | High
-25 | File | `/College/admin/teacher.php` | High
-26 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
-27 | File | `/dcim/rack-roles/` | High
-28 | File | `/debug/pprof` | Medium
-29 | File | `/env` | Low
-30 | File | `/feeds/post/publish` | High
-31 | File | `/film-rating.php` | High
-32 | File | `/forum/away.php` | High
-33 | File | `/goform/aspForm` | High
-34 | File | `/home/masterConsole` | High
-35 | File | `/home/sendBroadcast` | High
-36 | File | `/inc/jquery/uploadify/uploadify.php` | High
-37 | File | `/inc/topBarNav.php` | High
-38 | File | `/index.php` | Medium
-39 | File | `/index.php?app=main&func=passport&action=login` | High
-40 | File | `/index.php?page=category_list` | High
-41 | File | `/jobinfo/` | Medium
-42 | File | `/kelas/data` | Medium
-43 | File | `/librarian/bookdetails.php` | High
-44 | File | `/Moosikay/order.php` | High
-45 | File | `/mygym/admin/index.php?view_exercises` | High
-46 | File | `/opac/Actions.php?a=login` | High
-47 | File | `/php-opos/index.php` | High
+20 | File | `/bin/ate` | Medium
+21 | File | `/bin/httpd` | Medium
+22 | File | `/boat/login.php` | High
+23 | File | `/cgi-bin` | Medium
+24 | File | `/cgi-bin/wapopen` | High
+25 | File | `/cgi-bin/wlogin.cgi` | High
+26 | File | `/College/admin/teacher.php` | High
+27 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
+28 | File | `/dcim/rack-roles/` | High
+29 | File | `/debug/pprof` | Medium
+30 | File | `/env` | Low
+31 | File | `/feeds/post/publish` | High
+32 | File | `/film-rating.php` | High
+33 | File | `/forum/away.php` | High
+34 | File | `/goform/aspForm` | High
+35 | File | `/inc/jquery/uploadify/uploadify.php` | High
+36 | File | `/inc/topBarNav.php` | High
+37 | File | `/index.php` | Medium
+38 | File | `/index.php?app=main&func=passport&action=login` | High
+39 | File | `/index.php?page=category_list` | High
+40 | File | `/jobinfo/` | Medium
+41 | File | `/kelas/data` | Medium
+42 | File | `/librarian/bookdetails.php` | High
+43 | File | `/Moosikay/order.php` | High
+44 | File | `/mygym/admin/index.php?view_exercises` | High
+45 | File | `/opac/Actions.php?a=login` | High
+46 | File | `/php-opos/index.php` | High
+47 | File | `/php-sms/admin/?page=user/manage_user` | High
 48 | File | `/PreviewHandler.ashx` | High
 49 | File | `/public/launchNewWindow.jsp` | High
 50 | File | `/reservation/add_message.php` | High
@ -147,7 +147,7 @@ ID | Type | Indicator | Confidence
 64 | File | `admin.a6mambocredits.php` | High
 65 | ... | ... | ...

-There are 574 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 565 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/Asacub/README.md
+++ b/actors/Asacub/README.md
@ -0,0 +1,79 @@
+# Asacub - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Asacub](https://vuldb.com/?actor.asacub). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.asacub](https://vuldb.com/?actor.asacub)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Asacub:
+
+* [US](https://vuldb.com/?country.us)
+* [DE](https://vuldb.com/?country.de)
+* [IT](https://vuldb.com/?country.it)
+* ...
+
+There are 5 more country items available. Please use our online service to access the data.
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Asacub.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [5.45.73.24](https://vuldb.com/?ip.5.45.73.24) | - | - | High
+2 | [5.45.74.130](https://vuldb.com/?ip.5.45.74.130) | - | - | High
+3 | [155.133.82.181](https://vuldb.com/?ip.155.133.82.181) | - | - | High
+4 | ... | ... | ... | ...
+
+There are 11 more IOC items available. Please use our online service to access the data.
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Asacub_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1006 | CWE-22 | Pathname Traversal | High
+2 | T1055 | CWE-74 | Injection | High
+3 | T1059 | CWE-94 | Cross Site Scripting | High
+4 | ... | ... | ... | ...
+
+There are 13 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Asacub. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `.DS_Store` | Medium
+2 | File | `/.vnc/sesman_${username}_passwd` | High
+3 | File | `/ajax-files/postComment.php` | High
+4 | File | `/cgi-bin/editBookmark` | High
+5 | File | `/etc/luminex/pkgmgr` | High
+6 | File | `/goform/langSwitch` | High
+7 | File | `/rom-0` | Low
+8 | File | `add.php` | Low
+9 | File | `add_comment.php` | High
+10 | File | `add_quiz.php` | Medium
+11 | ... | ... | ...
+
+There are 88 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.cyber45.com
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/Unknown/README.md
+++ b/Unknown/README.md
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Asia Unknown:

 * [VN](https://vuldb.com/?country.vn)
+* [CN](https://vuldb.com/?country.cn)
 * [US](https://vuldb.com/?country.us)
-* [IO](https://vuldb.com/?country.io)
 * ...

-There are 18 more country items available. Please use our online service to access the data.
+There are 24 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -24949,345 +24949,9 @@ ID | IP address | Hostname | Campaign | Confidence
 24926 | [58.73.0.0](https://vuldb.com/?ip.58.73.0.0) | - | - | High
 24927 | [58.74.0.0](https://vuldb.com/?ip.58.74.0.0) | - | - | High
 24928 | [58.76.0.0](https://vuldb.com/?ip.58.76.0.0) | - | - | High
-24929 | [58.80.0.0](https://vuldb.com/?ip.58.80.0.0) | 58x80x0x0.ap58.ftth.ucom.ne.jp | - | High
-24930 | [58.82.0.0](https://vuldb.com/?ip.58.82.0.0) | - | - | High
-24931 | [58.82.128.0](https://vuldb.com/?ip.58.82.128.0) | - | - | High
-24932 | [58.82.129.0](https://vuldb.com/?ip.58.82.129.0) | - | - | High
-24933 | [58.82.130.0](https://vuldb.com/?ip.58.82.130.0) | - | - | High
-24934 | [58.82.132.0](https://vuldb.com/?ip.58.82.132.0) | 0.132.82.58.static-corp.jastel.co.th | - | High
-24935 | [58.82.136.0](https://vuldb.com/?ip.58.82.136.0) | 0.136.82.58.static-corp.jastel.co.th | - | High
-24936 | [58.82.144.0](https://vuldb.com/?ip.58.82.144.0) | - | - | High
-24937 | [58.82.160.0](https://vuldb.com/?ip.58.82.160.0) | 0.160.82.58.static-corp.jastel.co.th | - | High
-24938 | [58.82.192.0](https://vuldb.com/?ip.58.82.192.0) | - | - | High
-24939 | [58.82.203.0](https://vuldb.com/?ip.58.82.203.0) | - | - | High
-24940 | [58.82.204.0](https://vuldb.com/?ip.58.82.204.0) | - | - | High
-24941 | [58.82.209.0](https://vuldb.com/?ip.58.82.209.0) | - | - | High
-24942 | [58.82.210.0](https://vuldb.com/?ip.58.82.210.0) | - | - | High
-24943 | [58.82.242.0](https://vuldb.com/?ip.58.82.242.0) | - | - | High
-24944 | [58.83.0.0](https://vuldb.com/?ip.58.83.0.0) | - | - | High
-24945 | [58.84.0.0](https://vuldb.com/?ip.58.84.0.0) | - | - | High
-24946 | [58.84.4.0](https://vuldb.com/?ip.58.84.4.0) | - | - | High
-24947 | [58.84.5.0](https://vuldb.com/?ip.58.84.5.0) | - | - | High
-24948 | [58.84.6.0](https://vuldb.com/?ip.58.84.6.0) | - | - | High
-24949 | [58.84.8.0](https://vuldb.com/?ip.58.84.8.0) | - | - | High
-24950 | [58.84.12.0](https://vuldb.com/?ip.58.84.12.0) | - | - | High
-24951 | [58.84.14.0](https://vuldb.com/?ip.58.84.14.0) | - | - | High
-24952 | [58.84.16.0](https://vuldb.com/?ip.58.84.16.0) | - | - | High
-24953 | [58.84.20.0](https://vuldb.com/?ip.58.84.20.0) | 58.84.20.0.static-uttarpradesheast.powertel.in | - | High
-24954 | [58.84.24.0](https://vuldb.com/?ip.58.84.24.0) | 58.84.24.0.static-mumbai.powertel.in | - | High
-24955 | [58.84.28.0](https://vuldb.com/?ip.58.84.28.0) | - | - | High
-24956 | [58.84.32.0](https://vuldb.com/?ip.58.84.32.0) | - | - | High
-24957 | [58.84.39.0](https://vuldb.com/?ip.58.84.39.0) | - | - | High
-24958 | [58.84.40.0](https://vuldb.com/?ip.58.84.40.0) | - | - | High
-24959 | [58.84.42.0](https://vuldb.com/?ip.58.84.42.0) | - | - | High
-24960 | [58.84.44.0](https://vuldb.com/?ip.58.84.44.0) | - | - | High
-24961 | [58.84.52.0](https://vuldb.com/?ip.58.84.52.0) | Host-by.nerocloud.io | - | High
-24962 | [58.84.56.0](https://vuldb.com/?ip.58.84.56.0) | 0-56.netsolutioninc.com | - | High
-24963 | [58.84.240.0](https://vuldb.com/?ip.58.84.240.0) | - | - | High
-24964 | [58.85.0.0](https://vuldb.com/?ip.58.85.0.0) | - | - | High
-24965 | [58.86.0.0](https://vuldb.com/?ip.58.86.0.0) | - | - | High
-24966 | [58.87.16.0](https://vuldb.com/?ip.58.87.16.0) | user16-0.rcn.ne.jp | - | High
-24967 | [58.87.32.0](https://vuldb.com/?ip.58.87.32.0) | - | - | High
-24968 | [58.87.64.0](https://vuldb.com/?ip.58.87.64.0) | - | - | High
-24969 | [58.87.128.0](https://vuldb.com/?ip.58.87.128.0) | - | - | High
-24970 | [58.88.0.0](https://vuldb.com/?ip.58.88.0.0) | - | - | High
-24971 | [58.96.160.0](https://vuldb.com/?ip.58.96.160.0) | - | - | High
-24972 | [58.96.192.0](https://vuldb.com/?ip.58.96.192.0) | 0.192.96.58.starhub.net.sg | - | High
-24973 | [58.97.0.0](https://vuldb.com/?ip.58.97.0.0) | 58-97-0-0.static.asianet.co.th | - | High
-24974 | [58.97.64.0](https://vuldb.com/?ip.58.97.64.0) | 58-97-64-0.static.asianet.co.th | - | High
-24975 | [58.97.96.0](https://vuldb.com/?ip.58.97.96.0) | 58-97-96-0.static.asianet.co.th | - | High
-24976 | [58.97.104.0](https://vuldb.com/?ip.58.97.104.0) | 58-97-104-0.static.asianet.co.th | - | High
-24977 | [58.97.108.0](https://vuldb.com/?ip.58.97.108.0) | 58-97-108-0.static.asianet.co.th | - | High
-24978 | [58.97.110.0](https://vuldb.com/?ip.58.97.110.0) | 58-97-110-0.static.asianet.co.th | - | High
-24979 | [58.97.111.0](https://vuldb.com/?ip.58.97.111.0) | 58-97-111-0.static.asianet.co.th | - | High
-24980 | [58.97.112.0](https://vuldb.com/?ip.58.97.112.0) | - | - | High
-24981 | [58.97.136.0](https://vuldb.com/?ip.58.97.136.0) | - | - | High
-24982 | [58.97.144.0](https://vuldb.com/?ip.58.97.144.0) | - | - | High
-24983 | [58.97.160.0](https://vuldb.com/?ip.58.97.160.0) | - | - | High
-24984 | [58.97.192.0](https://vuldb.com/?ip.58.97.192.0) | - | - | High
-24985 | [58.97.208.0](https://vuldb.com/?ip.58.97.208.0) | - | - | High
-24986 | [58.97.216.0](https://vuldb.com/?ip.58.97.216.0) | - | - | High
-24987 | [58.97.218.0](https://vuldb.com/?ip.58.97.218.0) | - | - | High
-24988 | [58.97.219.0](https://vuldb.com/?ip.58.97.219.0) | - | - | High
-24989 | [58.97.220.0](https://vuldb.com/?ip.58.97.220.0) | - | - | High
-24990 | [58.97.224.0](https://vuldb.com/?ip.58.97.224.0) | - | - | High
-24991 | [58.98.0.0](https://vuldb.com/?ip.58.98.0.0) | - | - | High
-24992 | [58.99.0.0](https://vuldb.com/?ip.58.99.0.0) | - | - | High
-24993 | [58.99.128.0](https://vuldb.com/?ip.58.99.128.0) | - | - | High
-24994 | [58.100.0.0](https://vuldb.com/?ip.58.100.0.0) | - | - | High
-24995 | [58.102.0.0](https://vuldb.com/?ip.58.102.0.0) | - | - | High
-24996 | [58.112.0.0](https://vuldb.com/?ip.58.112.0.0) | - | - | High
-24997 | [58.114.0.0](https://vuldb.com/?ip.58.114.0.0) | - | - | High
-24998 | [58.116.0.0](https://vuldb.com/?ip.58.116.0.0) | - | - | High
-24999 | [58.120.0.0](https://vuldb.com/?ip.58.120.0.0) | - | - | High
-25000 | [58.128.0.0](https://vuldb.com/?ip.58.128.0.0) | - | - | High
-25001 | [58.136.0.0](https://vuldb.com/?ip.58.136.0.0) | - | - | High
-25002 | [58.138.0.0](https://vuldb.com/?ip.58.138.0.0) | 0.0.138.58.dy.bbexcite.jp | - | High
-25003 | [58.138.128.0](https://vuldb.com/?ip.58.138.128.0) | - | - | High
-25004 | [58.138.192.0](https://vuldb.com/?ip.58.138.192.0) | - | - | High
-25005 | [58.139.0.0](https://vuldb.com/?ip.58.139.0.0) | - | - | High
-25006 | [58.140.0.0](https://vuldb.com/?ip.58.140.0.0) | - | - | High
-25007 | [58.144.0.0](https://vuldb.com/?ip.58.144.0.0) | - | - | High
-25008 | [58.145.0.0](https://vuldb.com/?ip.58.145.0.0) | - | - | High
-25009 | [58.145.160.0](https://vuldb.com/?ip.58.145.160.0) | - | - | High
-25010 | [58.145.168.0](https://vuldb.com/?ip.58.145.168.0) | - | - | High
-25011 | [58.145.176.0](https://vuldb.com/?ip.58.145.176.0) | - | - | High
-25012 | [58.145.184.0](https://vuldb.com/?ip.58.145.184.0) | - | - | High
-25013 | [58.145.192.0](https://vuldb.com/?ip.58.145.192.0) | - | - | High
-25014 | [58.145.224.0](https://vuldb.com/?ip.58.145.224.0) | - | - | High
-25015 | [58.145.225.0](https://vuldb.com/?ip.58.145.225.0) | - | - | High
-25016 | [58.145.226.0](https://vuldb.com/?ip.58.145.226.0) | 58-145-226-0.revdns.pacificinternet.com | - | High
-25017 | [58.145.227.0](https://vuldb.com/?ip.58.145.227.0) | 58-145-227-0.revdns.pacificinternet.com | - | High
-25018 | [58.145.228.0](https://vuldb.com/?ip.58.145.228.0) | - | - | High
-25019 | [58.145.229.0](https://vuldb.com/?ip.58.145.229.0) | 58-145-229-0.revdns.pacificinternet.com | - | High
-25020 | [58.145.230.0](https://vuldb.com/?ip.58.145.230.0) | 58-145-230-0.revdns.pacificinternet.com | - | High
-25021 | [58.145.231.0](https://vuldb.com/?ip.58.145.231.0) | 58-145-231-0.revdns.pacificinternet.com | - | High
-25022 | [58.145.232.0](https://vuldb.com/?ip.58.145.232.0) | 58-145-232-0.revdns.pacificinternet.com | - | High
-25023 | [58.145.233.0](https://vuldb.com/?ip.58.145.233.0) | 58-145-233-0.revdns.pacificinternet.com | - | High
-25024 | [58.145.234.0](https://vuldb.com/?ip.58.145.234.0) | - | - | High
-25025 | [58.145.236.0](https://vuldb.com/?ip.58.145.236.0) | 58-145-236-0.revdns.pacificinternet.com | - | High
-25026 | [58.145.240.0](https://vuldb.com/?ip.58.145.240.0) | - | - | High
-25027 | [58.146.0.0](https://vuldb.com/?ip.58.146.0.0) | h058-146-000-000.user.starcat.ne.jp | - | High
-25028 | [58.146.64.0](https://vuldb.com/?ip.58.146.64.0) | h058-146-064-000.user.starcat.ne.jp | - | High
-25029 | [58.146.96.0](https://vuldb.com/?ip.58.146.96.0) | host-589610.fivenetwork.com | - | High
-25030 | [58.146.128.0](https://vuldb.com/?ip.58.146.128.0) | 0.128.146.58.starhub.net.sg | - | High
-25031 | [58.146.192.0](https://vuldb.com/?ip.58.146.192.0) | - | - | High
-25032 | [58.147.0.0](https://vuldb.com/?ip.58.147.0.0) | - | - | High
-25033 | [58.147.128.0](https://vuldb.com/?ip.58.147.128.0) | - | - | High
-25034 | [58.147.160.0](https://vuldb.com/?ip.58.147.160.0) | - | - | High
-25035 | [58.147.168.0](https://vuldb.com/?ip.58.147.168.0) | - | - | High
-25036 | [58.147.176.0](https://vuldb.com/?ip.58.147.176.0) | - | - | High
-25037 | [58.147.184.0](https://vuldb.com/?ip.58.147.184.0) | - | - | High
-25038 | [58.147.184.4](https://vuldb.com/?ip.58.147.184.4) | - | - | High
-25039 | [58.147.184.6](https://vuldb.com/?ip.58.147.184.6) | - | - | High
-25040 | [58.147.184.8](https://vuldb.com/?ip.58.147.184.8) | - | - | High
-25041 | [58.147.184.12](https://vuldb.com/?ip.58.147.184.12) | - | - | High
-25042 | [58.147.184.14](https://vuldb.com/?ip.58.147.184.14) | - | - | High
-25043 | [58.147.184.16](https://vuldb.com/?ip.58.147.184.16) | - | - | High
-25044 | [58.147.184.24](https://vuldb.com/?ip.58.147.184.24) | - | - | High
-25045 | [58.147.184.26](https://vuldb.com/?ip.58.147.184.26) | - | - | High
-25046 | [58.147.184.28](https://vuldb.com/?ip.58.147.184.28) | - | - | High
-25047 | [58.147.184.32](https://vuldb.com/?ip.58.147.184.32) | - | - | High
-25048 | [58.147.184.34](https://vuldb.com/?ip.58.147.184.34) | - | - | High
-25049 | [58.147.184.36](https://vuldb.com/?ip.58.147.184.36) | - | - | High
-25050 | [58.147.184.40](https://vuldb.com/?ip.58.147.184.40) | - | - | High
-25051 | [58.147.184.48](https://vuldb.com/?ip.58.147.184.48) | - | - | High
-25052 | [58.147.184.50](https://vuldb.com/?ip.58.147.184.50) | - | - | High
-25053 | [58.147.184.52](https://vuldb.com/?ip.58.147.184.52) | - | - | High
-25054 | [58.147.184.56](https://vuldb.com/?ip.58.147.184.56) | - | - | High
-25055 | [58.147.184.64](https://vuldb.com/?ip.58.147.184.64) | - | - | High
-25056 | [58.147.184.128](https://vuldb.com/?ip.58.147.184.128) | - | - | High
-25057 | [58.147.185.0](https://vuldb.com/?ip.58.147.185.0) | - | - | High
-25058 | [58.147.186.0](https://vuldb.com/?ip.58.147.186.0) | - | - | High
-25059 | [58.147.188.0](https://vuldb.com/?ip.58.147.188.0) | - | - | High
-25060 | [58.147.189.0](https://vuldb.com/?ip.58.147.189.0) | - | - | High
-25061 | [58.147.189.32](https://vuldb.com/?ip.58.147.189.32) | - | - | High
-25062 | [58.147.189.48](https://vuldb.com/?ip.58.147.189.48) | - | - | High
-25063 | [58.147.189.52](https://vuldb.com/?ip.58.147.189.52) | - | - | High
-25064 | [58.147.189.54](https://vuldb.com/?ip.58.147.189.54) | - | - | High
-25065 | [58.147.189.56](https://vuldb.com/?ip.58.147.189.56) | - | - | High
-25066 | [58.147.189.64](https://vuldb.com/?ip.58.147.189.64) | - | - | High
-25067 | [58.147.189.128](https://vuldb.com/?ip.58.147.189.128) | - | - | High
-25068 | [58.147.190.0](https://vuldb.com/?ip.58.147.190.0) | - | - | High
-25069 | [58.147.192.0](https://vuldb.com/?ip.58.147.192.0) | - | - | High
-25070 | [58.148.0.0](https://vuldb.com/?ip.58.148.0.0) | - | - | High
-25071 | [58.152.0.0](https://vuldb.com/?ip.58.152.0.0) | n058152000000.netvigator.com | - | High
-25072 | [58.154.0.0](https://vuldb.com/?ip.58.154.0.0) | - | - | High
-25073 | [58.156.0.0](https://vuldb.com/?ip.58.156.0.0) | 58x156x0x0.ap58.ftth.ucom.ne.jp | - | High
-25074 | [58.176.0.0](https://vuldb.com/?ip.58.176.0.0) | - | - | High
-25075 | [58.180.0.0](https://vuldb.com/?ip.58.180.0.0) | - | - | High
-25076 | [58.181.0.0](https://vuldb.com/?ip.58.181.0.0) | - | - | High
-25077 | [58.181.96.0](https://vuldb.com/?ip.58.181.96.0) | - | - | High
-25078 | [58.181.128.0](https://vuldb.com/?ip.58.181.128.0) | - | - | High
-25079 | [58.182.0.0](https://vuldb.com/?ip.58.182.0.0) | 0.0.182.58.starhub.net.sg | - | High
-25080 | [58.183.0.0](https://vuldb.com/?ip.58.183.0.0) | - | - | High
-25081 | [58.184.0.0](https://vuldb.com/?ip.58.184.0.0) | - | - | High
-25082 | [58.185.0.0](https://vuldb.com/?ip.58.185.0.0) | - | - | High
-25083 | [58.186.0.0](https://vuldb.com/?ip.58.186.0.0) | - | - | High
-25084 | [58.186.128.0](https://vuldb.com/?ip.58.186.128.0) | - | - | High
-25085 | [58.186.160.0](https://vuldb.com/?ip.58.186.160.0) | - | - | High
-25086 | [58.186.161.0](https://vuldb.com/?ip.58.186.161.0) | - | - | High
-25087 | [58.186.161.2](https://vuldb.com/?ip.58.186.161.2) | - | - | High
-25088 | [58.186.161.4](https://vuldb.com/?ip.58.186.161.4) | - | - | High
-25089 | [58.186.161.6](https://vuldb.com/?ip.58.186.161.6) | - | - | High
-25090 | [58.186.161.8](https://vuldb.com/?ip.58.186.161.8) | - | - | High
-25091 | [58.186.161.12](https://vuldb.com/?ip.58.186.161.12) | - | - | High
-25092 | [58.186.161.16](https://vuldb.com/?ip.58.186.161.16) | - | - | High
-25093 | [58.186.161.24](https://vuldb.com/?ip.58.186.161.24) | - | - | High
-25094 | [58.186.161.26](https://vuldb.com/?ip.58.186.161.26) | - | - | High
-25095 | [58.186.161.28](https://vuldb.com/?ip.58.186.161.28) | - | - | High
-25096 | [58.186.161.32](https://vuldb.com/?ip.58.186.161.32) | - | - | High
-25097 | [58.186.161.64](https://vuldb.com/?ip.58.186.161.64) | - | - | High
-25098 | [58.186.161.128](https://vuldb.com/?ip.58.186.161.128) | - | - | High
-25099 | [58.186.162.0](https://vuldb.com/?ip.58.186.162.0) | - | - | High
-25100 | [58.186.164.0](https://vuldb.com/?ip.58.186.164.0) | - | - | High
-25101 | [58.186.168.0](https://vuldb.com/?ip.58.186.168.0) | - | - | High
-25102 | [58.186.176.0](https://vuldb.com/?ip.58.186.176.0) | - | - | High
-25103 | [58.186.192.0](https://vuldb.com/?ip.58.186.192.0) | - | - | High
-25104 | [58.187.0.0](https://vuldb.com/?ip.58.187.0.0) | - | - | High
-25105 | [58.188.0.0](https://vuldb.com/?ip.58.188.0.0) | 58-188-0-0f1.hyg2.eonet.ne.jp | - | High
-25106 | [58.192.0.0](https://vuldb.com/?ip.58.192.0.0) | - | - | High
-25107 | [58.224.0.0](https://vuldb.com/?ip.58.224.0.0) | - | - | High
-25108 | [58.240.0.0](https://vuldb.com/?ip.58.240.0.0) | - | - | High
-25109 | [59.0.0.0](https://vuldb.com/?ip.59.0.0.0) | - | - | High
-25110 | [59.32.0.0](https://vuldb.com/?ip.59.32.0.0) | 0.0.32.59.broad.hy.gd.dynamic.163data.com.cn | - | High
-25111 | [59.64.0.0](https://vuldb.com/?ip.59.64.0.0) | - | - | High
-25112 | [59.80.0.0](https://vuldb.com/?ip.59.80.0.0) | - | - | High
-25113 | [59.82.0.0](https://vuldb.com/?ip.59.82.0.0) | - | - | High
-25114 | [59.82.2.0](https://vuldb.com/?ip.59.82.2.0) | - | - | High
-25115 | [59.82.4.0](https://vuldb.com/?ip.59.82.4.0) | - | - | High
-25116 | [59.82.6.0](https://vuldb.com/?ip.59.82.6.0) | - | - | High
-25117 | [59.82.8.0](https://vuldb.com/?ip.59.82.8.0) | - | - | High
-25118 | [59.82.16.0](https://vuldb.com/?ip.59.82.16.0) | - | - | High
-25119 | [59.82.32.0](https://vuldb.com/?ip.59.82.32.0) | - | - | High
-25120 | [59.82.64.0](https://vuldb.com/?ip.59.82.64.0) | - | - | High
-25121 | [59.82.80.0](https://vuldb.com/?ip.59.82.80.0) | - | - | High
-25122 | [59.82.84.0](https://vuldb.com/?ip.59.82.84.0) | - | - | High
-25123 | [59.82.86.0](https://vuldb.com/?ip.59.82.86.0) | - | - | High
-25124 | [59.82.88.0](https://vuldb.com/?ip.59.82.88.0) | - | - | High
-25125 | [59.82.96.0](https://vuldb.com/?ip.59.82.96.0) | - | - | High
-25126 | [59.82.128.0](https://vuldb.com/?ip.59.82.128.0) | - | - | High
-25127 | [59.83.0.0](https://vuldb.com/?ip.59.83.0.0) | - | - | High
-25128 | [59.83.64.0](https://vuldb.com/?ip.59.83.64.0) | - | - | High
-25129 | [59.83.128.0](https://vuldb.com/?ip.59.83.128.0) | - | - | High
-25130 | [59.83.136.0](https://vuldb.com/?ip.59.83.136.0) | - | - | High
-25131 | [59.83.144.0](https://vuldb.com/?ip.59.83.144.0) | - | - | High
-25132 | [59.83.160.0](https://vuldb.com/?ip.59.83.160.0) | - | - | High
-25133 | [59.83.180.0](https://vuldb.com/?ip.59.83.180.0) | - | - | High
-25134 | [59.83.184.0](https://vuldb.com/?ip.59.83.184.0) | - | - | High
-25135 | [59.83.192.0](https://vuldb.com/?ip.59.83.192.0) | - | - | High
-25136 | [59.83.224.0](https://vuldb.com/?ip.59.83.224.0) | - | - | High
-25137 | [59.83.232.0](https://vuldb.com/?ip.59.83.232.0) | - | - | High
-25138 | [59.83.236.0](https://vuldb.com/?ip.59.83.236.0) | - | - | High
-25139 | [59.83.240.0](https://vuldb.com/?ip.59.83.240.0) | - | - | High
-25140 | [59.84.0.0](https://vuldb.com/?ip.59.84.0.0) | p000.net059084000.tnc.ne.jp | - | High
-25141 | [59.86.0.0](https://vuldb.com/?ip.59.86.0.0) | p000.net059086000.tnc.ne.jp | - | High
-25142 | [59.86.128.0](https://vuldb.com/?ip.59.86.128.0) | 0.net059086128.t-com.ne.jp | - | High
-25143 | [59.86.192.0](https://vuldb.com/?ip.59.86.192.0) | - | - | High
-25144 | [59.87.0.0](https://vuldb.com/?ip.59.87.0.0) | 59x87x0x0.ap59.ftth.ucom.ne.jp | - | High
-25145 | [59.88.0.0](https://vuldb.com/?ip.59.88.0.0) | - | - | High
-25146 | [59.96.0.0](https://vuldb.com/?ip.59.96.0.0) | - | - | High
-25147 | [59.102.128.0](https://vuldb.com/?ip.59.102.128.0) | - | - | High
-25148 | [59.103.0.0](https://vuldb.com/?ip.59.103.0.0) | - | - | High
-25149 | [59.104.0.0](https://vuldb.com/?ip.59.104.0.0) | - | - | High
-25150 | [59.106.0.0](https://vuldb.com/?ip.59.106.0.0) | - | - | High
-25151 | [59.107.0.0](https://vuldb.com/?ip.59.107.0.0) | - | - | High
-25152 | [59.108.0.0](https://vuldb.com/?ip.59.108.0.0) | - | - | High
-25153 | [59.112.0.0](https://vuldb.com/?ip.59.112.0.0) | 59-112-0-0.dynamic-ip.hinet.net | - | High
-25154 | [59.128.0.0](https://vuldb.com/?ip.59.128.0.0) | - | - | High
-25155 | [59.128.4.0](https://vuldb.com/?ip.59.128.4.0) | - | - | High
-25156 | [59.128.8.0](https://vuldb.com/?ip.59.128.8.0) | - | - | High
-25157 | [59.128.16.0](https://vuldb.com/?ip.59.128.16.0) | ZT016000.ppp.dion.ne.jp | - | High
-25158 | [59.128.32.0](https://vuldb.com/?ip.59.128.32.0) | ZT032000.ppp.dion.ne.jp | - | High
-25159 | [59.128.48.0](https://vuldb.com/?ip.59.128.48.0) | ZT048000.ppp.dion.ne.jp | - | High
-25160 | [59.128.56.0](https://vuldb.com/?ip.59.128.56.0) | - | - | High
-25161 | [59.128.58.0](https://vuldb.com/?ip.59.128.58.0) | - | - | High
-25162 | [59.128.59.0](https://vuldb.com/?ip.59.128.59.0) | - | - | High
-25163 | [59.128.60.0](https://vuldb.com/?ip.59.128.60.0) | - | - | High
-25164 | [59.128.64.0](https://vuldb.com/?ip.59.128.64.0) | - | - | High
-25165 | [59.128.128.0](https://vuldb.com/?ip.59.128.128.0) | - | - | High
-25166 | [59.129.0.0](https://vuldb.com/?ip.59.129.0.0) | KD059129000000.ppp-bb.dion.ne.jp | - | High
-25167 | [59.130.0.0](https://vuldb.com/?ip.59.130.0.0) | - | - | High
-25168 | [59.132.0.0](https://vuldb.com/?ip.59.132.0.0) | - | - | High
-25169 | [59.136.0.0](https://vuldb.com/?ip.59.136.0.0) | KD059136000000.ppp-bb.dion.ne.jp | - | High
-25170 | [59.144.0.0](https://vuldb.com/?ip.59.144.0.0) | - | - | High
-25171 | [59.144.16.0](https://vuldb.com/?ip.59.144.16.0) | - | - | High
-25172 | [59.144.18.0](https://vuldb.com/?ip.59.144.18.0) | - | - | High
-25173 | [59.144.18.128](https://vuldb.com/?ip.59.144.18.128) | aes-static-128.18.144.59.airtel.in | - | High
-25174 | [59.144.18.192](https://vuldb.com/?ip.59.144.18.192) | aes-static-192.18.144.59.airtel.in | - | High
-25175 | [59.144.18.224](https://vuldb.com/?ip.59.144.18.224) | aes-static-224.18.144.59.airtel.in | - | High
-25176 | [59.144.18.240](https://vuldb.com/?ip.59.144.18.240) | aes-static-240.18.144.59.airtel.in | - | High
-25177 | [59.144.18.248](https://vuldb.com/?ip.59.144.18.248) | aes-static-248.18.144.59.airtel.in | - | High
-25178 | [59.144.18.252](https://vuldb.com/?ip.59.144.18.252) | aes-static-252.18.144.59.airtel.in | - | High
-25179 | [59.144.18.254](https://vuldb.com/?ip.59.144.18.254) | aes-static-254.18.144.59.airtel.in | - | High
-25180 | [59.144.18.255](https://vuldb.com/?ip.59.144.18.255) | aes-static-255.18.144.59.airtel.in | - | High
-25181 | [59.144.19.0](https://vuldb.com/?ip.59.144.19.0) | - | - | High
-25182 | [59.144.20.0](https://vuldb.com/?ip.59.144.20.0) | - | - | High
-25183 | [59.144.24.0](https://vuldb.com/?ip.59.144.24.0) | - | - | High
-25184 | [59.144.32.0](https://vuldb.com/?ip.59.144.32.0) | - | - | High
-25185 | [59.144.64.0](https://vuldb.com/?ip.59.144.64.0) | - | - | High
-25186 | [59.144.128.0](https://vuldb.com/?ip.59.144.128.0) | - | - | High
-25187 | [59.145.0.0](https://vuldb.com/?ip.59.145.0.0) | - | - | High
-25188 | [59.145.2.0](https://vuldb.com/?ip.59.145.2.0) | - | - | High
-25189 | [59.145.3.0](https://vuldb.com/?ip.59.145.3.0) | - | - | High
-25190 | [59.145.3.128](https://vuldb.com/?ip.59.145.3.128) | - | - | High
-25191 | [59.145.3.192](https://vuldb.com/?ip.59.145.3.192) | - | - | High
-25192 | [59.145.3.224](https://vuldb.com/?ip.59.145.3.224) | - | - | High
-25193 | [59.145.3.240](https://vuldb.com/?ip.59.145.3.240) | - | - | High
-25194 | [59.145.3.248](https://vuldb.com/?ip.59.145.3.248) | - | - | High
-25195 | [59.145.3.252](https://vuldb.com/?ip.59.145.3.252) | - | - | High
-25196 | [59.145.3.255](https://vuldb.com/?ip.59.145.3.255) | - | - | High
-25197 | [59.145.4.0](https://vuldb.com/?ip.59.145.4.0) | - | - | High
-25198 | [59.145.6.0](https://vuldb.com/?ip.59.145.6.0) | - | - | High
-25199 | [59.145.6.8](https://vuldb.com/?ip.59.145.6.8) | - | - | High
-25200 | [59.145.6.12](https://vuldb.com/?ip.59.145.6.12) | - | - | High
-25201 | [59.145.6.14](https://vuldb.com/?ip.59.145.6.14) | - | - | High
-25202 | [59.145.6.16](https://vuldb.com/?ip.59.145.6.16) | - | - | High
-25203 | [59.145.6.32](https://vuldb.com/?ip.59.145.6.32) | - | - | High
-25204 | [59.145.6.40](https://vuldb.com/?ip.59.145.6.40) | - | - | High
-25205 | [59.145.6.42](https://vuldb.com/?ip.59.145.6.42) | - | - | High
-25206 | [59.145.6.44](https://vuldb.com/?ip.59.145.6.44) | - | - | High
-25207 | [59.145.6.48](https://vuldb.com/?ip.59.145.6.48) | - | - | High
-25208 | [59.145.6.64](https://vuldb.com/?ip.59.145.6.64) | - | - | High
-25209 | [59.145.6.128](https://vuldb.com/?ip.59.145.6.128) | - | - | High
-25210 | [59.145.6.192](https://vuldb.com/?ip.59.145.6.192) | - | - | High
-25211 | [59.145.6.196](https://vuldb.com/?ip.59.145.6.196) | - | - | High
-25212 | [59.145.6.197](https://vuldb.com/?ip.59.145.6.197) | - | - | High
-25213 | [59.145.6.198](https://vuldb.com/?ip.59.145.6.198) | - | - | High
-25214 | [59.145.6.200](https://vuldb.com/?ip.59.145.6.200) | - | - | High
-25215 | [59.145.6.208](https://vuldb.com/?ip.59.145.6.208) | - | - | High
-25216 | [59.145.6.224](https://vuldb.com/?ip.59.145.6.224) | - | - | High
-25217 | [59.145.7.0](https://vuldb.com/?ip.59.145.7.0) | - | - | High
-25218 | [59.145.7.16](https://vuldb.com/?ip.59.145.7.16) | - | - | High
-25219 | [59.145.7.24](https://vuldb.com/?ip.59.145.7.24) | - | - | High
-25220 | [59.145.7.28](https://vuldb.com/?ip.59.145.7.28) | - | - | High
-25221 | [59.145.7.31](https://vuldb.com/?ip.59.145.7.31) | - | - | High
-25222 | [59.145.7.35](https://vuldb.com/?ip.59.145.7.35) | - | - | High
-25223 | [59.145.7.36](https://vuldb.com/?ip.59.145.7.36) | - | - | High
-25224 | [59.145.7.40](https://vuldb.com/?ip.59.145.7.40) | - | - | High
-25225 | [59.145.7.48](https://vuldb.com/?ip.59.145.7.48) | - | - | High
-25226 | [59.145.7.52](https://vuldb.com/?ip.59.145.7.52) | - | - | High
-25227 | [59.145.7.55](https://vuldb.com/?ip.59.145.7.55) | - | - | High
-25228 | [59.145.7.56](https://vuldb.com/?ip.59.145.7.56) | - | - | High
-25229 | [59.145.7.64](https://vuldb.com/?ip.59.145.7.64) | - | - | High
-25230 | [59.145.7.68](https://vuldb.com/?ip.59.145.7.68) | - | - | High
-25231 | [59.145.7.69](https://vuldb.com/?ip.59.145.7.69) | - | - | High
-25232 | [59.145.7.70](https://vuldb.com/?ip.59.145.7.70) | - | - | High
-25233 | [59.145.7.71](https://vuldb.com/?ip.59.145.7.71) | - | - | High
-25234 | [59.145.7.72](https://vuldb.com/?ip.59.145.7.72) | - | - | High
-25235 | [59.145.7.73](https://vuldb.com/?ip.59.145.7.73) | - | - | High
-25236 | [59.145.7.74](https://vuldb.com/?ip.59.145.7.74) | - | - | High
-25237 | [59.145.7.75](https://vuldb.com/?ip.59.145.7.75) | - | - | High
-25238 | [59.145.7.76](https://vuldb.com/?ip.59.145.7.76) | - | - | High
-25239 | [59.145.7.80](https://vuldb.com/?ip.59.145.7.80) | - | - | High
-25240 | [59.145.7.96](https://vuldb.com/?ip.59.145.7.96) | - | - | High
-25241 | [59.145.7.128](https://vuldb.com/?ip.59.145.7.128) | - | - | High
-25242 | [59.145.7.144](https://vuldb.com/?ip.59.145.7.144) | - | - | High
-25243 | [59.145.7.148](https://vuldb.com/?ip.59.145.7.148) | - | - | High
-25244 | [59.145.7.150](https://vuldb.com/?ip.59.145.7.150) | - | - | High
-25245 | [59.145.7.152](https://vuldb.com/?ip.59.145.7.152) | - | - | High
-25246 | [59.145.7.160](https://vuldb.com/?ip.59.145.7.160) | - | - | High
-25247 | [59.145.7.192](https://vuldb.com/?ip.59.145.7.192) | - | - | High
-25248 | [59.145.8.0](https://vuldb.com/?ip.59.145.8.0) | - | - | High
-25249 | [59.145.12.0](https://vuldb.com/?ip.59.145.12.0) | - | - | High
-25250 | [59.145.12.4](https://vuldb.com/?ip.59.145.12.4) | - | - | High
-25251 | [59.145.12.5](https://vuldb.com/?ip.59.145.12.5) | - | - | High
-25252 | [59.145.12.6](https://vuldb.com/?ip.59.145.12.6) | - | - | High
-25253 | [59.145.12.7](https://vuldb.com/?ip.59.145.12.7) | - | - | High
-25254 | [59.145.12.8](https://vuldb.com/?ip.59.145.12.8) | - | - | High
-25255 | [59.145.12.16](https://vuldb.com/?ip.59.145.12.16) | - | - | High
-25256 | [59.145.12.32](https://vuldb.com/?ip.59.145.12.32) | - | - | High
-25257 | [59.145.12.36](https://vuldb.com/?ip.59.145.12.36) | - | - | High
-25258 | [59.145.12.40](https://vuldb.com/?ip.59.145.12.40) | - | - | High
-25259 | [59.145.12.48](https://vuldb.com/?ip.59.145.12.48) | - | - | High
-25260 | [59.145.12.64](https://vuldb.com/?ip.59.145.12.64) | - | - | High
-25261 | [59.145.12.128](https://vuldb.com/?ip.59.145.12.128) | - | - | High
-25262 | [59.145.12.136](https://vuldb.com/?ip.59.145.12.136) | - | - | High
-25263 | [59.145.12.140](https://vuldb.com/?ip.59.145.12.140) | - | - | High
-25264 | [59.145.12.141](https://vuldb.com/?ip.59.145.12.141) | - | - | High
-25265 | ... | ... | ... | ...
+24929 | ... | ... | ... | ...

-There are 101055 more IOC items available. Please use our online service to access the data.
+There are 99711 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -25295,13 +24959,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-25, CWE-29 | Pathname Traversal | High
+1 | T1006 | CWE-21, CWE-22, CWE-24, CWE-29, CWE-50 | Pathname Traversal | High
 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
-5 | ... | ... | ... | ...
+4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
+5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+6 | ... | ... | ... | ...

-There are 17 more TTP items available. Please use our online service to access the data.
+There are 21 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -25309,33 +24974,48 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic

 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `$HOME/.terminfo` | High
-2 | File | `/?p=products` | Medium
-3 | File | `/action/wirelessConnect` | High
-4 | File | `/admin/configurations/userInfo` | High
-5 | File | `/admin/index.php` | High
-6 | File | `/admin/services/manage_service.php` | High
-7 | File | `/api/users/admin/check` | High
-8 | File | `/backup.pl` | Medium
-9 | File | `/bin/ate` | Medium
-10 | File | `/bin/login` | Medium
-11 | File | `/category/list?limit=10&offset=0&order=desc` | High
-12 | File | `/cgi-bin` | Medium
-13 | File | `/cgi-bin/ping.cgi` | High
-14 | File | `/classes/Master.php` | High
-15 | File | `/classes/Master.php?f=delete_inquiry` | High
-16 | File | `/classes/Master.php?f=delete_item` | High
-17 | File | `/classes/Master.php?f=delete_service` | High
-18 | File | `/classes/Master.php?f=save_service` | High
-19 | File | `/classes/Users.php` | High
-20 | File | `/dosen/data` | Medium
-21 | File | `/etc/networkd-dispatcher` | High
-22 | File | `/eval/admin/manage_class.php` | High
-23 | File | `/export` | Low
-24 | File | `/file_manager/admin/save_user.php` | High
-25 | ... | ... | ...
+1 | File | `/admin/addproduct.php` | High
+2 | File | `/admin/positions_add.php` | High
+3 | File | `/admin/read.php?mudi=announContent` | High
+4 | File | `/api/` | Low
+5 | File | `/api/upload.php` | High
+6 | File | `/api/v1/snapshots` | High
+7 | File | `/api/v2/cli/commands` | High
+8 | File | `/application/common.php#action_log` | High
+9 | File | `/authenticationendpoint/login.do` | High
+10 | File | `/bin/ate` | Medium
+11 | File | `/bin/boa` | Medium
+12 | File | `/bitrix/admin/ldap_server_edit.php` | High
+13 | File | `/bsms_ci/index.php` | High
+14 | File | `/bsms_ci/index.php/user/edit_user/` | High
+15 | File | `/cgi-bin/jumpto.php?class=user&page=config_save&isphp=1` | High
+16 | File | `/cgi-bin/luci` | High
+17 | File | `/changeimage.php` | High
+18 | File | `/classes/Users.php?f=save` | High
+19 | File | `/dottie.js` | Medium
+20 | File | `/download` | Medium
+21 | File | `/DXR.axd` | Medium
+22 | File | `/env` | Low
+23 | File | `/forum/away.php` | High
+24 | File | `/ghost/preview` | High
+25 | File | `/goForm/aspForm` | High
+26 | File | `/goform/setmac` | High
+27 | File | `/goform/setMacFilterCfg` | High
+28 | File | `/hrm/employeeadd.php` | High
+29 | File | `/jobinfo/` | Medium
+30 | File | `/kelasdosen/data` | High
+31 | File | `/link/` | Low
+32 | File | `/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab_0B73635494734D66B9C015CAC149EB05` | High
+33 | File | `/mc` | Low
+34 | File | `/Objects/unicodeobject.c` | High
+35 | File | `/out.php` | Medium
+36 | File | `/owa/auth/logon.aspx` | High
+37 | File | `/paysystem/branch.php` | High
+38 | File | `/php-inventory-management-system/product.php` | High
+39 | File | `/php-sms/admin/?page=user/manage_user` | High
+40 | ... | ... | ...

-There are 208 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 349 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/AsyncRAT/README.md
+++ b/actors/AsyncRAT/README.md
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [US](https://vuldb.com/?country.us)
 * ...

-There are 10 more country items available. Please use our online service to access the data.
+There are 11 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -201,120 +201,123 @@ ID | IP address | Hostname | Campaign | Confidence
 178 | [23.129.232.160](https://vuldb.com/?ip.23.129.232.160) | - | - | High
 179 | [23.146.242.100](https://vuldb.com/?ip.23.146.242.100) | - | - | High
 180 | [23.226.77.22](https://vuldb.com/?ip.23.226.77.22) | we.love.servers.at.ioflood.net | - | High
-181 | [23.237.25.246](https://vuldb.com/?ip.23.237.25.246) | - | - | High
-182 | [23.238.217.173](https://vuldb.com/?ip.23.238.217.173) | orja4.teki.notredamians.org | - | High
-183 | [23.254.130.126](https://vuldb.com/?ip.23.254.130.126) | hwsrv-1069616.hostwindsdns.com | - | High
-184 | [23.254.227.121](https://vuldb.com/?ip.23.254.227.121) | hwsrv-1063912.hostwindsdns.com | - | High
-185 | [23.254.231.83](https://vuldb.com/?ip.23.254.231.83) | hwsrv-1070248.hostwindsdns.com | - | High
-186 | [31.41.244.135](https://vuldb.com/?ip.31.41.244.135) | - | - | High
-187 | [31.170.22.28](https://vuldb.com/?ip.31.170.22.28) | - | - | High
-188 | [31.192.236.139](https://vuldb.com/?ip.31.192.236.139) | winupdate02.pserver.ru | - | High
-189 | [31.210.20.79](https://vuldb.com/?ip.31.210.20.79) | - | - | High
-190 | [31.210.20.167](https://vuldb.com/?ip.31.210.20.167) | - | - | High
-191 | [31.210.20.192](https://vuldb.com/?ip.31.210.20.192) | - | - | High
-192 | [31.210.21.188](https://vuldb.com/?ip.31.210.21.188) | linir.top | - | High
-193 | [34.69.119.138](https://vuldb.com/?ip.34.69.119.138) | 138.119.69.34.bc.googleusercontent.com | - | Medium
-194 | [34.71.81.158](https://vuldb.com/?ip.34.71.81.158) | 158.81.71.34.bc.googleusercontent.com | - | Medium
-195 | [34.125.144.45](https://vuldb.com/?ip.34.125.144.45) | 45.144.125.34.bc.googleusercontent.com | - | Medium
-196 | [34.140.211.85](https://vuldb.com/?ip.34.140.211.85) | 85.211.140.34.bc.googleusercontent.com | - | Medium
-197 | [35.239.113.160](https://vuldb.com/?ip.35.239.113.160) | 160.113.239.35.bc.googleusercontent.com | - | Medium
-198 | [36.255.96.200](https://vuldb.com/?ip.36.255.96.200) | - | - | High
-199 | [37.0.8.17](https://vuldb.com/?ip.37.0.8.17) | stokes.springtimemartialarts.com | - | High
-200 | [37.0.8.20](https://vuldb.com/?ip.37.0.8.20) | jacksonirwin.springtimemartialarts.com | - | High
-201 | [37.0.8.67](https://vuldb.com/?ip.37.0.8.67) | willis.capitolreservations.com | - | High
-202 | [37.0.8.93](https://vuldb.com/?ip.37.0.8.93) | shawtran.capitolreservations.com | - | High
-203 | [37.0.8.191](https://vuldb.com/?ip.37.0.8.191) | frederick.athinneru.com | - | High
-204 | [37.0.10.214](https://vuldb.com/?ip.37.0.10.214) | - | - | High
-205 | [37.0.11.45](https://vuldb.com/?ip.37.0.11.45) | - | - | High
-206 | [37.0.11.246](https://vuldb.com/?ip.37.0.11.246) | - | - | High
-207 | [37.0.14.196](https://vuldb.com/?ip.37.0.14.196) | - | - | High
-208 | [37.0.14.197](https://vuldb.com/?ip.37.0.14.197) | - | - | High
-209 | [37.0.14.198](https://vuldb.com/?ip.37.0.14.198) | - | - | High
-210 | [37.0.14.203](https://vuldb.com/?ip.37.0.14.203) | - | - | High
-211 | [37.0.14.204](https://vuldb.com/?ip.37.0.14.204) | - | - | High
-212 | [37.49.230.185](https://vuldb.com/?ip.37.49.230.185) | - | - | High
-213 | [37.120.208.36](https://vuldb.com/?ip.37.120.208.36) | - | - | High
-214 | [37.120.210.219](https://vuldb.com/?ip.37.120.210.219) | - | - | High
-215 | [37.120.212.235](https://vuldb.com/?ip.37.120.212.235) | - | - | High
-216 | [37.120.217.243](https://vuldb.com/?ip.37.120.217.243) | - | - | High
-217 | [37.120.247.24](https://vuldb.com/?ip.37.120.247.24) | - | - | High
-218 | [37.196.152.120](https://vuldb.com/?ip.37.196.152.120) | m37-196-152-120.cust.tele2.se | - | High
-219 | [37.221.121.20](https://vuldb.com/?ip.37.221.121.20) | chvt-mail-129.stashkeen.com | - | High
-220 | [37.221.122.76](https://vuldb.com/?ip.37.221.122.76) | server.modernizmir.net | - | High
-221 | [37.249.78.26](https://vuldb.com/?ip.37.249.78.26) | apn-37-249-78-26.dynamic.gprs.plus.pl | - | High
-222 | [38.17.51.104](https://vuldb.com/?ip.38.17.51.104) | - | - | High
-223 | [38.47.205.151](https://vuldb.com/?ip.38.47.205.151) | - | - | High
-224 | [38.105.209.167](https://vuldb.com/?ip.38.105.209.167) | vmi737189.contaboserver.net | - | High
-225 | [38.130.221.190](https://vuldb.com/?ip.38.130.221.190) | 38.130.221.190.hosted.at.cloudsouth.com | - | High
-226 | [38.132.99.156](https://vuldb.com/?ip.38.132.99.156) | - | - | High
-227 | [38.242.242.149](https://vuldb.com/?ip.38.242.242.149) | vmi1313701.contaboserver.net | - | High
-228 | [40.90.210.21](https://vuldb.com/?ip.40.90.210.21) | - | - | High
-229 | [40.113.131.31](https://vuldb.com/?ip.40.113.131.31) | - | - | High
-230 | [40.118.53.192](https://vuldb.com/?ip.40.118.53.192) | - | - | High
-231 | [40.122.131.23](https://vuldb.com/?ip.40.122.131.23) | - | - | High
-232 | [41.72.146.10](https://vuldb.com/?ip.41.72.146.10) | - | - | High
-233 | [41.141.211.80](https://vuldb.com/?ip.41.141.211.80) | - | - | High
-234 | [41.216.183.61](https://vuldb.com/?ip.41.216.183.61) | - | - | High
-235 | [41.216.183.175](https://vuldb.com/?ip.41.216.183.175) | - | - | High
-236 | [41.250.187.176](https://vuldb.com/?ip.41.250.187.176) | - | - | High
-237 | [41.251.4.158](https://vuldb.com/?ip.41.251.4.158) | - | - | High
-238 | [41.251.51.168](https://vuldb.com/?ip.41.251.51.168) | - | - | High
-239 | [43.138.160.55](https://vuldb.com/?ip.43.138.160.55) | - | - | High
-240 | [43.139.124.22](https://vuldb.com/?ip.43.139.124.22) | - | - | High
-241 | [43.154.97.109](https://vuldb.com/?ip.43.154.97.109) | - | - | High
-242 | [43.226.49.147](https://vuldb.com/?ip.43.226.49.147) | - | - | High
-243 | [43.249.30.55](https://vuldb.com/?ip.43.249.30.55) | - | - | High
-244 | [44.192.67.149](https://vuldb.com/?ip.44.192.67.149) | ec2-44-192-67-149.compute-1.amazonaws.com | - | Medium
-245 | [45.12.253.31](https://vuldb.com/?ip.45.12.253.31) | - | - | High
-246 | [45.12.253.58](https://vuldb.com/?ip.45.12.253.58) | - | - | High
-247 | [45.14.224.94](https://vuldb.com/?ip.45.14.224.94) | web117.excw.nl | - | High
-248 | [45.15.143.183](https://vuldb.com/?ip.45.15.143.183) | - | - | High
-249 | [45.15.143.191](https://vuldb.com/?ip.45.15.143.191) | - | - | High
-250 | [45.15.143.199](https://vuldb.com/?ip.45.15.143.199) | - | - | High
-251 | [45.32.99.249](https://vuldb.com/?ip.45.32.99.249) | 45.32.99.249.vultrusercontent.com | - | High
-252 | [45.32.211.35](https://vuldb.com/?ip.45.32.211.35) | 45.32.211.35.vultrusercontent.com | - | High
-253 | [45.58.190.125](https://vuldb.com/?ip.45.58.190.125) | - | - | High
-254 | [45.66.248.114](https://vuldb.com/?ip.45.66.248.114) | - | - | High
-255 | [45.74.4.244](https://vuldb.com/?ip.45.74.4.244) | - | - | High
-256 | [45.74.38.17](https://vuldb.com/?ip.45.74.38.17) | - | - | High
-257 | [45.76.56.26](https://vuldb.com/?ip.45.76.56.26) | 45.76.56.26.vultrusercontent.com | - | High
-258 | [45.77.142.82](https://vuldb.com/?ip.45.77.142.82) | 45.77.142.82.vultrusercontent.com | - | High
-259 | [45.80.29.139](https://vuldb.com/?ip.45.80.29.139) | hostifox.com.tr | - | High
-260 | [45.80.158.57](https://vuldb.com/?ip.45.80.158.57) | - | - | High
-261 | [45.80.158.65](https://vuldb.com/?ip.45.80.158.65) | - | - | High
-262 | [45.80.158.108](https://vuldb.com/?ip.45.80.158.108) | - | - | High
-263 | [45.80.158.114](https://vuldb.com/?ip.45.80.158.114) | - | - | High
-264 | [45.80.158.116](https://vuldb.com/?ip.45.80.158.116) | - | - | High
-265 | [45.80.158.127](https://vuldb.com/?ip.45.80.158.127) | - | - | High
-266 | [45.80.158.160](https://vuldb.com/?ip.45.80.158.160) | - | - | High
-267 | [45.80.158.237](https://vuldb.com/?ip.45.80.158.237) | - | - | High
-268 | [45.81.243.217](https://vuldb.com/?ip.45.81.243.217) | - | - | High
-269 | [45.88.67.9](https://vuldb.com/?ip.45.88.67.9) | - | - | High
-270 | [45.88.67.12](https://vuldb.com/?ip.45.88.67.12) | - | - | High
-271 | [45.88.79.224](https://vuldb.com/?ip.45.88.79.224) | free.example.com | - | High
-272 | [45.92.1.24](https://vuldb.com/?ip.45.92.1.24) | - | - | High
-273 | [45.92.1.59](https://vuldb.com/?ip.45.92.1.59) | - | - | High
-274 | [45.92.1.71](https://vuldb.com/?ip.45.92.1.71) | - | - | High
-275 | [45.95.168.110](https://vuldb.com/?ip.45.95.168.110) | news.maxko.hr | - | High
-276 | [45.95.168.116](https://vuldb.com/?ip.45.95.168.116) | maxko-hosting.com | - | High
-277 | [45.95.169.112](https://vuldb.com/?ip.45.95.169.112) | xdhmhs.com | - | High
-278 | [45.119.84.166](https://vuldb.com/?ip.45.119.84.166) | - | - | High
-279 | [45.125.48.112](https://vuldb.com/?ip.45.125.48.112) | - | - | High
-280 | [45.131.1.70](https://vuldb.com/?ip.45.131.1.70) | ip.serverscity.net | - | High
-281 | [45.133.1.47](https://vuldb.com/?ip.45.133.1.47) | - | - | High
-282 | [45.133.1.152](https://vuldb.com/?ip.45.133.1.152) | - | - | High
-283 | [45.133.174.122](https://vuldb.com/?ip.45.133.174.122) | - | - | High
-284 | [45.134.140.152](https://vuldb.com/?ip.45.134.140.152) | unn-45-134-140-152.datapacket.com | - | High
-285 | [45.134.142.193](https://vuldb.com/?ip.45.134.142.193) | unn-45-134-142-193.datapacket.com | - | High
-286 | [45.134.142.211](https://vuldb.com/?ip.45.134.142.211) | unn-45-134-142-211.datapacket.com | - | High
-287 | [45.136.4.99](https://vuldb.com/?ip.45.136.4.99) | host-45.136.4.99.saga.net.tr | - | High
-288 | [45.136.4.101](https://vuldb.com/?ip.45.136.4.101) | host-45.136.4.101.saga.net.tr | - | High
-289 | [45.136.6.79](https://vuldb.com/?ip.45.136.6.79) | - | - | High
-290 | [45.137.22.41](https://vuldb.com/?ip.45.137.22.41) | hosted-by.rootlayer.net | - | High
-291 | [45.137.22.70](https://vuldb.com/?ip.45.137.22.70) | hosted-by.rootlayer.net | - | High
-292 | ... | ... | ... | ...
+181 | [23.229.67.133](https://vuldb.com/?ip.23.229.67.133) | gallerymethodwakebottom.as | - | High
+182 | [23.237.25.246](https://vuldb.com/?ip.23.237.25.246) | - | - | High
+183 | [23.238.217.173](https://vuldb.com/?ip.23.238.217.173) | orja4.teki.notredamians.org | - | High
+184 | [23.254.130.126](https://vuldb.com/?ip.23.254.130.126) | hwsrv-1069616.hostwindsdns.com | - | High
+185 | [23.254.227.121](https://vuldb.com/?ip.23.254.227.121) | hwsrv-1063912.hostwindsdns.com | - | High
+186 | [23.254.231.83](https://vuldb.com/?ip.23.254.231.83) | hwsrv-1070248.hostwindsdns.com | - | High
+187 | [31.41.244.135](https://vuldb.com/?ip.31.41.244.135) | - | - | High
+188 | [31.170.22.28](https://vuldb.com/?ip.31.170.22.28) | - | - | High
+189 | [31.192.236.139](https://vuldb.com/?ip.31.192.236.139) | winupdate02.pserver.ru | - | High
+190 | [31.210.20.79](https://vuldb.com/?ip.31.210.20.79) | - | - | High
+191 | [31.210.20.167](https://vuldb.com/?ip.31.210.20.167) | - | - | High
+192 | [31.210.20.192](https://vuldb.com/?ip.31.210.20.192) | - | - | High
+193 | [31.210.21.188](https://vuldb.com/?ip.31.210.21.188) | linir.top | - | High
+194 | [34.69.119.138](https://vuldb.com/?ip.34.69.119.138) | 138.119.69.34.bc.googleusercontent.com | - | Medium
+195 | [34.71.81.158](https://vuldb.com/?ip.34.71.81.158) | 158.81.71.34.bc.googleusercontent.com | - | Medium
+196 | [34.125.144.45](https://vuldb.com/?ip.34.125.144.45) | 45.144.125.34.bc.googleusercontent.com | - | Medium
+197 | [34.140.211.85](https://vuldb.com/?ip.34.140.211.85) | 85.211.140.34.bc.googleusercontent.com | - | Medium
+198 | [35.239.113.160](https://vuldb.com/?ip.35.239.113.160) | 160.113.239.35.bc.googleusercontent.com | - | Medium
+199 | [36.255.96.200](https://vuldb.com/?ip.36.255.96.200) | - | - | High
+200 | [37.0.8.17](https://vuldb.com/?ip.37.0.8.17) | stokes.springtimemartialarts.com | - | High
+201 | [37.0.8.20](https://vuldb.com/?ip.37.0.8.20) | jacksonirwin.springtimemartialarts.com | - | High
+202 | [37.0.8.67](https://vuldb.com/?ip.37.0.8.67) | willis.capitolreservations.com | - | High
+203 | [37.0.8.93](https://vuldb.com/?ip.37.0.8.93) | shawtran.capitolreservations.com | - | High
+204 | [37.0.8.191](https://vuldb.com/?ip.37.0.8.191) | frederick.athinneru.com | - | High
+205 | [37.0.10.214](https://vuldb.com/?ip.37.0.10.214) | - | - | High
+206 | [37.0.11.45](https://vuldb.com/?ip.37.0.11.45) | - | - | High
+207 | [37.0.11.246](https://vuldb.com/?ip.37.0.11.246) | - | - | High
+208 | [37.0.14.196](https://vuldb.com/?ip.37.0.14.196) | - | - | High
+209 | [37.0.14.197](https://vuldb.com/?ip.37.0.14.197) | - | - | High
+210 | [37.0.14.198](https://vuldb.com/?ip.37.0.14.198) | - | - | High
+211 | [37.0.14.203](https://vuldb.com/?ip.37.0.14.203) | - | - | High
+212 | [37.0.14.204](https://vuldb.com/?ip.37.0.14.204) | - | - | High
+213 | [37.49.230.185](https://vuldb.com/?ip.37.49.230.185) | - | - | High
+214 | [37.120.208.36](https://vuldb.com/?ip.37.120.208.36) | - | - | High
+215 | [37.120.210.219](https://vuldb.com/?ip.37.120.210.219) | - | - | High
+216 | [37.120.212.235](https://vuldb.com/?ip.37.120.212.235) | - | - | High
+217 | [37.120.217.243](https://vuldb.com/?ip.37.120.217.243) | - | - | High
+218 | [37.120.247.24](https://vuldb.com/?ip.37.120.247.24) | - | - | High
+219 | [37.196.152.120](https://vuldb.com/?ip.37.196.152.120) | m37-196-152-120.cust.tele2.se | - | High
+220 | [37.221.121.20](https://vuldb.com/?ip.37.221.121.20) | chvt-mail-129.stashkeen.com | - | High
+221 | [37.221.122.76](https://vuldb.com/?ip.37.221.122.76) | server.modernizmir.net | - | High
+222 | [37.249.78.26](https://vuldb.com/?ip.37.249.78.26) | apn-37-249-78-26.dynamic.gprs.plus.pl | - | High
+223 | [38.17.51.104](https://vuldb.com/?ip.38.17.51.104) | - | - | High
+224 | [38.47.205.151](https://vuldb.com/?ip.38.47.205.151) | - | - | High
+225 | [38.105.209.167](https://vuldb.com/?ip.38.105.209.167) | vmi737189.contaboserver.net | - | High
+226 | [38.130.221.190](https://vuldb.com/?ip.38.130.221.190) | 38.130.221.190.hosted.at.cloudsouth.com | - | High
+227 | [38.132.99.156](https://vuldb.com/?ip.38.132.99.156) | - | - | High
+228 | [38.242.242.149](https://vuldb.com/?ip.38.242.242.149) | vmi1313701.contaboserver.net | - | High
+229 | [40.90.210.21](https://vuldb.com/?ip.40.90.210.21) | - | - | High
+230 | [40.113.131.31](https://vuldb.com/?ip.40.113.131.31) | - | - | High
+231 | [40.118.53.192](https://vuldb.com/?ip.40.118.53.192) | - | - | High
+232 | [40.122.131.23](https://vuldb.com/?ip.40.122.131.23) | - | - | High
+233 | [41.72.146.10](https://vuldb.com/?ip.41.72.146.10) | - | - | High
+234 | [41.141.211.80](https://vuldb.com/?ip.41.141.211.80) | - | - | High
+235 | [41.216.183.61](https://vuldb.com/?ip.41.216.183.61) | - | - | High
+236 | [41.216.183.175](https://vuldb.com/?ip.41.216.183.175) | - | - | High
+237 | [41.250.187.176](https://vuldb.com/?ip.41.250.187.176) | - | - | High
+238 | [41.251.4.158](https://vuldb.com/?ip.41.251.4.158) | - | - | High
+239 | [41.251.51.168](https://vuldb.com/?ip.41.251.51.168) | - | - | High
+240 | [43.138.160.55](https://vuldb.com/?ip.43.138.160.55) | - | - | High
+241 | [43.139.124.22](https://vuldb.com/?ip.43.139.124.22) | - | - | High
+242 | [43.154.97.109](https://vuldb.com/?ip.43.154.97.109) | - | - | High
+243 | [43.226.49.147](https://vuldb.com/?ip.43.226.49.147) | - | - | High
+244 | [43.249.30.55](https://vuldb.com/?ip.43.249.30.55) | - | - | High
+245 | [44.192.67.149](https://vuldb.com/?ip.44.192.67.149) | ec2-44-192-67-149.compute-1.amazonaws.com | - | Medium
+246 | [45.12.253.31](https://vuldb.com/?ip.45.12.253.31) | - | - | High
+247 | [45.12.253.58](https://vuldb.com/?ip.45.12.253.58) | - | - | High
+248 | [45.12.253.107](https://vuldb.com/?ip.45.12.253.107) | - | - | High
+249 | [45.14.224.94](https://vuldb.com/?ip.45.14.224.94) | web117.excw.nl | - | High
+250 | [45.15.143.183](https://vuldb.com/?ip.45.15.143.183) | - | - | High
+251 | [45.15.143.191](https://vuldb.com/?ip.45.15.143.191) | - | - | High
+252 | [45.15.143.199](https://vuldb.com/?ip.45.15.143.199) | - | - | High
+253 | [45.32.99.249](https://vuldb.com/?ip.45.32.99.249) | 45.32.99.249.vultrusercontent.com | - | High
+254 | [45.32.211.35](https://vuldb.com/?ip.45.32.211.35) | 45.32.211.35.vultrusercontent.com | - | High
+255 | [45.58.190.125](https://vuldb.com/?ip.45.58.190.125) | - | - | High
+256 | [45.66.248.114](https://vuldb.com/?ip.45.66.248.114) | - | - | High
+257 | [45.74.4.244](https://vuldb.com/?ip.45.74.4.244) | - | - | High
+258 | [45.74.38.17](https://vuldb.com/?ip.45.74.38.17) | - | - | High
+259 | [45.76.56.26](https://vuldb.com/?ip.45.76.56.26) | 45.76.56.26.vultrusercontent.com | - | High
+260 | [45.77.142.82](https://vuldb.com/?ip.45.77.142.82) | 45.77.142.82.vultrusercontent.com | - | High
+261 | [45.80.29.139](https://vuldb.com/?ip.45.80.29.139) | hostifox.com.tr | - | High
+262 | [45.80.158.57](https://vuldb.com/?ip.45.80.158.57) | - | - | High
+263 | [45.80.158.65](https://vuldb.com/?ip.45.80.158.65) | - | - | High
+264 | [45.80.158.108](https://vuldb.com/?ip.45.80.158.108) | - | - | High
+265 | [45.80.158.114](https://vuldb.com/?ip.45.80.158.114) | - | - | High
+266 | [45.80.158.116](https://vuldb.com/?ip.45.80.158.116) | - | - | High
+267 | [45.80.158.127](https://vuldb.com/?ip.45.80.158.127) | - | - | High
+268 | [45.80.158.160](https://vuldb.com/?ip.45.80.158.160) | - | - | High
+269 | [45.80.158.237](https://vuldb.com/?ip.45.80.158.237) | - | - | High
+270 | [45.81.243.217](https://vuldb.com/?ip.45.81.243.217) | - | - | High
+271 | [45.88.67.9](https://vuldb.com/?ip.45.88.67.9) | - | - | High
+272 | [45.88.67.12](https://vuldb.com/?ip.45.88.67.12) | - | - | High
+273 | [45.88.79.224](https://vuldb.com/?ip.45.88.79.224) | free.example.com | - | High
+274 | [45.92.1.24](https://vuldb.com/?ip.45.92.1.24) | - | - | High
+275 | [45.92.1.59](https://vuldb.com/?ip.45.92.1.59) | - | - | High
+276 | [45.92.1.71](https://vuldb.com/?ip.45.92.1.71) | - | - | High
+277 | [45.95.168.110](https://vuldb.com/?ip.45.95.168.110) | news.maxko.hr | - | High
+278 | [45.95.168.116](https://vuldb.com/?ip.45.95.168.116) | maxko-hosting.com | - | High
+279 | [45.95.169.112](https://vuldb.com/?ip.45.95.169.112) | xdhmhs.com | - | High
+280 | [45.119.84.166](https://vuldb.com/?ip.45.119.84.166) | - | - | High
+281 | [45.125.48.112](https://vuldb.com/?ip.45.125.48.112) | - | - | High
+282 | [45.131.1.70](https://vuldb.com/?ip.45.131.1.70) | ip.serverscity.net | - | High
+283 | [45.133.1.47](https://vuldb.com/?ip.45.133.1.47) | - | - | High
+284 | [45.133.1.152](https://vuldb.com/?ip.45.133.1.152) | - | - | High
+285 | [45.133.174.122](https://vuldb.com/?ip.45.133.174.122) | - | - | High
+286 | [45.134.140.152](https://vuldb.com/?ip.45.134.140.152) | unn-45-134-140-152.datapacket.com | - | High
+287 | [45.134.142.193](https://vuldb.com/?ip.45.134.142.193) | unn-45-134-142-193.datapacket.com | - | High
+288 | [45.134.142.211](https://vuldb.com/?ip.45.134.142.211) | unn-45-134-142-211.datapacket.com | - | High
+289 | [45.136.4.99](https://vuldb.com/?ip.45.136.4.99) | host-45.136.4.99.saga.net.tr | - | High
+290 | [45.136.4.101](https://vuldb.com/?ip.45.136.4.101) | host-45.136.4.101.saga.net.tr | - | High
+291 | [45.136.6.79](https://vuldb.com/?ip.45.136.6.79) | - | - | High
+292 | [45.137.22.41](https://vuldb.com/?ip.45.137.22.41) | hosted-by.rootlayer.net | - | High
+293 | [45.137.22.70](https://vuldb.com/?ip.45.137.22.70) | hosted-by.rootlayer.net | - | High
+294 | [45.137.22.111](https://vuldb.com/?ip.45.137.22.111) | hosted-by.rootlayer.net | - | High
+295 | ... | ... | ... | ...

-There are 1162 more IOC items available. Please use our online service to access the data.
+There are 1175 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -322,14 +325,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-29, CWE-50, CWE-425 | Pathname Traversal | High
-2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
+1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-29, CWE-50, CWE-425 | Pathname Traversal | High
+2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-94 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...

-There are 18 more TTP items available. Please use our online service to access the data.
+There are 21 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -337,37 +340,40 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic

 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `/admin/?page=user/list` | High
-2 | File | `/admin/addproduct.php` | High
-3 | File | `/admin/ajax.php?action=save_area` | High
-4 | File | `/admin/modal_add_product.php` | High
-5 | File | `/admin/update_s6.php` | High
-6 | File | `/ajax.php?action=read_msg` | High
-7 | File | `/ajax.php?action=save_company` | High
-8 | File | `/api/login` | Medium
-9 | File | `/Applications/Google\ Drive.app/Contents/MacOS` | High
-10 | File | `/authenticationendpoint/login.do` | High
-11 | File | `/bin/login` | Medium
-12 | File | `/cgi-bin/wlogin.cgi` | High
-13 | File | `/changeimage.php` | High
-14 | File | `/classes/Users.php?f=save` | High
-15 | File | `/DXR.axd` | Medium
-16 | File | `/env` | Low
-17 | File | `/forum/away.php` | High
-18 | File | `/goform/WifiGuestSet` | High
-19 | File | `/HNAP1` | Low
-20 | File | `/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab_0B73635494734D66B9C015CAC149EB05` | High
-21 | File | `/note/index/delete` | High
-22 | File | `/out.php` | Medium
-23 | File | `/owa/auth/logon.aspx` | High
-24 | File | `/services/indexing/preview` | High
-25 | File | `/tmp/boa-temp` | High
-26 | File | `/userfs/bin/tcapi` | High
-27 | File | `/var/log/nginx` | High
-28 | File | `/wp-admin/admin-ajax.php` | High
-29 | ... | ... | ...
+1 | File | `/admin/addproduct.php` | High
+2 | File | `/admin/modal_add_product.php` | High
+3 | File | `/admin/positions_add.php` | High
+4 | File | `/admin/update_s6.php` | High
+5 | File | `/Applications/Google\ Drive.app/Contents/MacOS` | High
+6 | File | `/authenticationendpoint/login.do` | High
+7 | File | `/bin/ate` | Medium
+8 | File | `/bin/login` | Medium
+9 | File | `/cgi-bin/luci` | High
+10 | File | `/cgi-bin/wlogin.cgi` | High
+11 | File | `/changeimage.php` | High
+12 | File | `/classes/Users.php?f=save` | High
+13 | File | `/DXR.axd` | Medium
+14 | File | `/env` | Low
+15 | File | `/forum/away.php` | High
+16 | File | `/goform/WifiGuestSet` | High
+17 | File | `/HNAP1` | Low
+18 | File | `/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab_0B73635494734D66B9C015CAC149EB05` | High
+19 | File | `/mc` | Low
+20 | File | `/note/index/delete` | High
+21 | File | `/out.php` | Medium
+22 | File | `/owa/auth/logon.aspx` | High
+23 | File | `/paysystem/branch.php` | High
+24 | File | `/php-inventory-management-system/product.php` | High
+25 | File | `/php-sms/admin/?page=user/manage_user` | High
+26 | File | `/send_order.cgi?parameter=restart` | High
+27 | File | `/services/indexing/preview` | High
+28 | File | `/tmp/boa-temp` | High
+29 | File | `/userfs/bin/tcapi` | High
+30 | File | `/var/log/nginx` | High
+31 | File | `/wp-admin/admin-ajax.php` | High
+32 | ... | ... | ...

-There are 241 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 270 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

@ -522,6 +528,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/45e87ee0b025a7e4a783a6786564982e7735c8c50d0b3d84a3d5dd90ce735cfe/
 * https://bazaar.abuse.ch/sample/48d3bb7ee9b1c9f5cf62c4e4d72c51fed3564e4cec9909123f836981dfaf02a5/
 * https://bazaar.abuse.ch/sample/52af020a20265e2f5c0f8d483ecf1599142eda108d6aae3b3faf17a9aed927ab/
+* https://bazaar.abuse.ch/sample/54b6c23d9bc5f44ceed5946ffc935a88488d30a848c75568b084b9c9287a3cb2/
 * https://bazaar.abuse.ch/sample/54cbb1c3b1836e762f5b2691728b806787e2345046be361b792a0ce81f894ccd/
 * https://bazaar.abuse.ch/sample/55eb509b981d5340bc517e3dc260faf7716615dd464a1d6424afbdc4e7145c4c/
 * https://bazaar.abuse.ch/sample/61e9ed29484b8aaa84f3a4059e632ffd19b4d852c47e769394b6c2c2b9272b5b/
@ -559,6 +566,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/104f03eca7632ceb0606d4e80068ea0718b4a7d5610bd7b99a40ad1b3c3935c1/
 * https://bazaar.abuse.ch/sample/111a4d926a4c6cf6eab9ad519c381db560fea5aec1ef5ad6ac427f034dbd825d/
 * https://bazaar.abuse.ch/sample/115c836232c435ab4fe25fcb4dd6e4b61ac1648f4844389fce67b232ddf9f6a0/
+* https://bazaar.abuse.ch/sample/124c02ed924e11b06b74e1b8c1290adbb1e50dfa2a7bcf95104c6425a1f82ef5/
 * https://bazaar.abuse.ch/sample/177d453cc267a310d7dc8bbf4128c558feec25095690a31ccb6c388866666bd0/
 * https://bazaar.abuse.ch/sample/212eb072938575c6c669199d58e567df5f04498c7f51c2750936494bd9c1cf6a/
 * https://bazaar.abuse.ch/sample/234f42279e4494e1fe592d5b7ee4b2722fc885d18b6d7878f079e01bb0e123fe/
--- a/Maria/README.md
+++ b/Maria/README.md
@ -8,12 +8,12 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com

 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Ave Maria:

+* [SH](https://vuldb.com/?country.sh)
 * [US](https://vuldb.com/?country.us)
 * [LA](https://vuldb.com/?country.la)
-* [ES](https://vuldb.com/?country.es)
 * ...

-There are 11 more country items available. Please use our online service to access the data.
+There are 5 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -25,85 +25,89 @@ ID | IP address | Hostname | Campaign | Confidence
 2 | [2.56.57.181](https://vuldb.com/?ip.2.56.57.181) | pierce.thebestwebstore.com | - | High
 3 | [2.56.59.70](https://vuldb.com/?ip.2.56.59.70) | - | - | High
 4 | [2.56.59.131](https://vuldb.com/?ip.2.56.59.131) | - | - | High
-5 | [3.92.200.97](https://vuldb.com/?ip.3.92.200.97) | ec2-3-92-200-97.compute-1.amazonaws.com | - | Medium
-6 | [3.126.224.214](https://vuldb.com/?ip.3.126.224.214) | ec2-3-126-224-214.eu-central-1.compute.amazonaws.com | - | Medium
-7 | [5.2.68.82](https://vuldb.com/?ip.5.2.68.82) | - | - | High
-8 | [5.161.139.79](https://vuldb.com/?ip.5.161.139.79) | static.79.139.161.5.clients.your-server.de | - | High
-9 | [5.161.206.28](https://vuldb.com/?ip.5.161.206.28) | static.28.206.161.5.clients.your-server.de | - | High
-10 | [5.206.224.164](https://vuldb.com/?ip.5.206.224.164) | sdfksdkjdfjksf.com | - | High
-11 | [8.212.151.157](https://vuldb.com/?ip.8.212.151.157) | - | - | High
-12 | [13.65.211.207](https://vuldb.com/?ip.13.65.211.207) | - | - | High
-13 | [20.38.45.196](https://vuldb.com/?ip.20.38.45.196) | - | - | High
-14 | [20.91.187.223](https://vuldb.com/?ip.20.91.187.223) | - | - | High
-15 | [20.93.112.114](https://vuldb.com/?ip.20.93.112.114) | - | - | High
-16 | [20.94.63.195](https://vuldb.com/?ip.20.94.63.195) | - | - | High
-17 | [20.98.138.214](https://vuldb.com/?ip.20.98.138.214) | - | - | High
-18 | [20.110.119.15](https://vuldb.com/?ip.20.110.119.15) | - | - | High
-19 | [20.112.127.113](https://vuldb.com/?ip.20.112.127.113) | - | - | High
-20 | [20.114.4.132](https://vuldb.com/?ip.20.114.4.132) | - | - | High
-21 | [20.115.34.57](https://vuldb.com/?ip.20.115.34.57) | - | - | High
-22 | [20.126.95.155](https://vuldb.com/?ip.20.126.95.155) | - | - | High
-23 | [20.168.33.220](https://vuldb.com/?ip.20.168.33.220) | - | - | High
-24 | [23.99.225.116](https://vuldb.com/?ip.23.99.225.116) | - | - | High
-25 | [23.226.130.102](https://vuldb.com/?ip.23.226.130.102) | 23.226.130.102.static.greencloudvps.com | - | High
-26 | [23.227.203.214](https://vuldb.com/?ip.23.227.203.214) | 23-227-203-214.static.hvvc.us | - | High
-27 | [24.152.37.45](https://vuldb.com/?ip.24.152.37.45) | 24-152-37-45.masterdaweb.com | - | High
-28 | [34.92.152.18](https://vuldb.com/?ip.34.92.152.18) | 18.152.92.34.bc.googleusercontent.com | - | Medium
-29 | [35.171.18.39](https://vuldb.com/?ip.35.171.18.39) | ec2-35-171-18-39.compute-1.amazonaws.com | - | Medium
-30 | [37.0.8.145](https://vuldb.com/?ip.37.0.8.145) | elliott.athinneru.com | - | High
-31 | [37.0.11.237](https://vuldb.com/?ip.37.0.11.237) | - | - | High
-32 | [37.0.14.195](https://vuldb.com/?ip.37.0.14.195) | - | - | High
-33 | [37.0.14.198](https://vuldb.com/?ip.37.0.14.198) | - | - | High
-34 | [37.0.14.201](https://vuldb.com/?ip.37.0.14.201) | - | - | High
-35 | [37.0.14.202](https://vuldb.com/?ip.37.0.14.202) | - | - | High
-36 | [37.0.14.205](https://vuldb.com/?ip.37.0.14.205) | - | - | High
-37 | [37.0.14.206](https://vuldb.com/?ip.37.0.14.206) | - | - | High
-38 | [37.0.14.207](https://vuldb.com/?ip.37.0.14.207) | - | - | High
-39 | [37.0.14.208](https://vuldb.com/?ip.37.0.14.208) | - | - | High
-40 | [37.0.14.210](https://vuldb.com/?ip.37.0.14.210) | host-37-0-14-210.static.deli-one.co.uk | - | High
-41 | [37.0.14.211](https://vuldb.com/?ip.37.0.14.211) | - | - | High
-42 | [37.0.14.212](https://vuldb.com/?ip.37.0.14.212) | - | - | High
-43 | [37.0.14.215](https://vuldb.com/?ip.37.0.14.215) | - | - | High
-44 | [37.0.14.216](https://vuldb.com/?ip.37.0.14.216) | - | - | High
-45 | [37.0.14.217](https://vuldb.com/?ip.37.0.14.217) | - | - | High
-46 | [37.120.206.69](https://vuldb.com/?ip.37.120.206.69) | - | - | High
-47 | [37.139.129.47](https://vuldb.com/?ip.37.139.129.47) | - | - | High
-48 | [37.139.129.100](https://vuldb.com/?ip.37.139.129.100) | - | - | High
-49 | [37.220.87.3](https://vuldb.com/?ip.37.220.87.3) | ipn-37-220-87-3.artem-catv.ru | - | High
-50 | [38.117.65.122](https://vuldb.com/?ip.38.117.65.122) | 38-117-65-122.static-ip.ravand.ca | - | High
-51 | [38.132.114.178](https://vuldb.com/?ip.38.132.114.178) | - | - | High
-52 | [41.185.97.216](https://vuldb.com/?ip.41.185.97.216) | - | - | High
-53 | [41.216.183.52](https://vuldb.com/?ip.41.216.183.52) | - | - | High
-54 | [45.12.253.22](https://vuldb.com/?ip.45.12.253.22) | - | - | High
-55 | [45.12.253.146](https://vuldb.com/?ip.45.12.253.146) | - | - | High
-56 | [45.12.253.202](https://vuldb.com/?ip.45.12.253.202) | - | - | High
-57 | [45.59.119.153](https://vuldb.com/?ip.45.59.119.153) | - | - | High
-58 | [45.59.119.212](https://vuldb.com/?ip.45.59.119.212) | - | - | High
-59 | [45.66.230.108](https://vuldb.com/?ip.45.66.230.108) | - | - | High
-60 | [45.72.96.199](https://vuldb.com/?ip.45.72.96.199) | - | - | High
-61 | [45.74.4.244](https://vuldb.com/?ip.45.74.4.244) | - | - | High
-62 | [45.81.150.32](https://vuldb.com/?ip.45.81.150.32) | - | - | High
-63 | [45.83.129.166](https://vuldb.com/?ip.45.83.129.166) | - | - | High
-64 | [45.87.61.139](https://vuldb.com/?ip.45.87.61.139) | - | - | High
-65 | [45.87.62.181](https://vuldb.com/?ip.45.87.62.181) | - | - | High
-66 | [45.87.63.121](https://vuldb.com/?ip.45.87.63.121) | - | - | High
-67 | [45.88.67.9](https://vuldb.com/?ip.45.88.67.9) | - | - | High
-68 | [45.88.67.63](https://vuldb.com/?ip.45.88.67.63) | - | - | High
-69 | [45.88.67.103](https://vuldb.com/?ip.45.88.67.103) | - | - | High
-70 | [45.88.67.145](https://vuldb.com/?ip.45.88.67.145) | - | - | High
-71 | [45.90.222.97](https://vuldb.com/?ip.45.90.222.97) | 45-90-222-97-hostedby.bcr.host | - | High
-72 | [45.127.101.18](https://vuldb.com/?ip.45.127.101.18) | - | - | High
-73 | [45.132.106.37](https://vuldb.com/?ip.45.132.106.37) | vm4440858.34ssd.had.wf | - | High
-74 | [45.133.1.34](https://vuldb.com/?ip.45.133.1.34) | - | - | High
-75 | [45.135.164.194](https://vuldb.com/?ip.45.135.164.194) | ibera.togeteheran.com | - | High
-76 | [45.137.22.35](https://vuldb.com/?ip.45.137.22.35) | hosted-by.rootlayer.net | - | High
-77 | [45.137.22.70](https://vuldb.com/?ip.45.137.22.70) | hosted-by.rootlayer.net | - | High
-78 | [45.137.22.79](https://vuldb.com/?ip.45.137.22.79) | hosted-by.rootlayer.net | - | High
-79 | [45.137.22.143](https://vuldb.com/?ip.45.137.22.143) | hosted-by.rootlayer.net | - | High
-80 | [45.137.65.132](https://vuldb.com/?ip.45.137.65.132) | vm4266462.34ssd.had.wf | - | High
-81 | ... | ... | ... | ...
+5 | [2.58.56.250](https://vuldb.com/?ip.2.58.56.250) | powered.by.rdp.sh | - | High
+6 | [3.92.200.97](https://vuldb.com/?ip.3.92.200.97) | ec2-3-92-200-97.compute-1.amazonaws.com | - | Medium
+7 | [3.126.224.214](https://vuldb.com/?ip.3.126.224.214) | ec2-3-126-224-214.eu-central-1.compute.amazonaws.com | - | Medium
+8 | [5.2.68.82](https://vuldb.com/?ip.5.2.68.82) | - | - | High
+9 | [5.161.139.79](https://vuldb.com/?ip.5.161.139.79) | static.79.139.161.5.clients.your-server.de | - | High
+10 | [5.161.206.28](https://vuldb.com/?ip.5.161.206.28) | static.28.206.161.5.clients.your-server.de | - | High
+11 | [5.206.224.164](https://vuldb.com/?ip.5.206.224.164) | sdfksdkjdfjksf.com | - | High
+12 | [8.212.151.157](https://vuldb.com/?ip.8.212.151.157) | - | - | High
+13 | [13.65.211.207](https://vuldb.com/?ip.13.65.211.207) | - | - | High
+14 | [20.38.45.196](https://vuldb.com/?ip.20.38.45.196) | - | - | High
+15 | [20.91.187.223](https://vuldb.com/?ip.20.91.187.223) | - | - | High
+16 | [20.93.112.114](https://vuldb.com/?ip.20.93.112.114) | - | - | High
+17 | [20.94.63.195](https://vuldb.com/?ip.20.94.63.195) | - | - | High
+18 | [20.98.138.214](https://vuldb.com/?ip.20.98.138.214) | - | - | High
+19 | [20.110.119.15](https://vuldb.com/?ip.20.110.119.15) | - | - | High
+20 | [20.112.127.113](https://vuldb.com/?ip.20.112.127.113) | - | - | High
+21 | [20.114.4.132](https://vuldb.com/?ip.20.114.4.132) | - | - | High
+22 | [20.115.34.57](https://vuldb.com/?ip.20.115.34.57) | - | - | High
+23 | [20.126.95.155](https://vuldb.com/?ip.20.126.95.155) | - | - | High
+24 | [20.168.33.220](https://vuldb.com/?ip.20.168.33.220) | - | - | High
+25 | [23.99.225.116](https://vuldb.com/?ip.23.99.225.116) | - | - | High
+26 | [23.226.130.102](https://vuldb.com/?ip.23.226.130.102) | 23.226.130.102.static.greencloudvps.com | - | High
+27 | [23.227.203.214](https://vuldb.com/?ip.23.227.203.214) | 23-227-203-214.static.hvvc.us | - | High
+28 | [24.152.37.45](https://vuldb.com/?ip.24.152.37.45) | 24-152-37-45.masterdaweb.com | - | High
+29 | [34.92.152.18](https://vuldb.com/?ip.34.92.152.18) | 18.152.92.34.bc.googleusercontent.com | - | Medium
+30 | [35.171.18.39](https://vuldb.com/?ip.35.171.18.39) | ec2-35-171-18-39.compute-1.amazonaws.com | - | Medium
+31 | [37.0.8.145](https://vuldb.com/?ip.37.0.8.145) | elliott.athinneru.com | - | High
+32 | [37.0.11.237](https://vuldb.com/?ip.37.0.11.237) | - | - | High
+33 | [37.0.14.195](https://vuldb.com/?ip.37.0.14.195) | - | - | High
+34 | [37.0.14.198](https://vuldb.com/?ip.37.0.14.198) | - | - | High
+35 | [37.0.14.201](https://vuldb.com/?ip.37.0.14.201) | - | - | High
+36 | [37.0.14.202](https://vuldb.com/?ip.37.0.14.202) | - | - | High
+37 | [37.0.14.205](https://vuldb.com/?ip.37.0.14.205) | - | - | High
+38 | [37.0.14.206](https://vuldb.com/?ip.37.0.14.206) | - | - | High
+39 | [37.0.14.207](https://vuldb.com/?ip.37.0.14.207) | - | - | High
+40 | [37.0.14.208](https://vuldb.com/?ip.37.0.14.208) | - | - | High
+41 | [37.0.14.210](https://vuldb.com/?ip.37.0.14.210) | host-37-0-14-210.static.deli-one.co.uk | - | High
+42 | [37.0.14.211](https://vuldb.com/?ip.37.0.14.211) | - | - | High
+43 | [37.0.14.212](https://vuldb.com/?ip.37.0.14.212) | - | - | High
+44 | [37.0.14.215](https://vuldb.com/?ip.37.0.14.215) | - | - | High
+45 | [37.0.14.216](https://vuldb.com/?ip.37.0.14.216) | - | - | High
+46 | [37.0.14.217](https://vuldb.com/?ip.37.0.14.217) | - | - | High
+47 | [37.120.206.69](https://vuldb.com/?ip.37.120.206.69) | - | - | High
+48 | [37.139.129.47](https://vuldb.com/?ip.37.139.129.47) | - | - | High
+49 | [37.139.129.100](https://vuldb.com/?ip.37.139.129.100) | - | - | High
+50 | [37.220.87.3](https://vuldb.com/?ip.37.220.87.3) | ipn-37-220-87-3.artem-catv.ru | - | High
+51 | [38.117.65.122](https://vuldb.com/?ip.38.117.65.122) | 38-117-65-122.static-ip.ravand.ca | - | High
+52 | [38.132.114.178](https://vuldb.com/?ip.38.132.114.178) | - | - | High
+53 | [41.185.97.216](https://vuldb.com/?ip.41.185.97.216) | - | - | High
+54 | [41.216.183.52](https://vuldb.com/?ip.41.216.183.52) | - | - | High
+55 | [45.12.253.22](https://vuldb.com/?ip.45.12.253.22) | - | - | High
+56 | [45.12.253.146](https://vuldb.com/?ip.45.12.253.146) | - | - | High
+57 | [45.12.253.202](https://vuldb.com/?ip.45.12.253.202) | - | - | High
+58 | [45.59.119.153](https://vuldb.com/?ip.45.59.119.153) | - | - | High
+59 | [45.59.119.212](https://vuldb.com/?ip.45.59.119.212) | - | - | High
+60 | [45.66.230.108](https://vuldb.com/?ip.45.66.230.108) | - | - | High
+61 | [45.72.96.199](https://vuldb.com/?ip.45.72.96.199) | - | - | High
+62 | [45.74.4.244](https://vuldb.com/?ip.45.74.4.244) | - | - | High
+63 | [45.81.39.89](https://vuldb.com/?ip.45.81.39.89) | - | - | High
+64 | [45.81.150.32](https://vuldb.com/?ip.45.81.150.32) | - | - | High
+65 | [45.83.129.166](https://vuldb.com/?ip.45.83.129.166) | - | - | High
+66 | [45.87.61.139](https://vuldb.com/?ip.45.87.61.139) | - | - | High
+67 | [45.87.62.181](https://vuldb.com/?ip.45.87.62.181) | - | - | High
+68 | [45.87.63.121](https://vuldb.com/?ip.45.87.63.121) | - | - | High
+69 | [45.88.67.9](https://vuldb.com/?ip.45.88.67.9) | - | - | High
+70 | [45.88.67.63](https://vuldb.com/?ip.45.88.67.63) | - | - | High
+71 | [45.88.67.103](https://vuldb.com/?ip.45.88.67.103) | - | - | High
+72 | [45.88.67.145](https://vuldb.com/?ip.45.88.67.145) | - | - | High
+73 | [45.90.222.97](https://vuldb.com/?ip.45.90.222.97) | 45-90-222-97-hostedby.bcr.host | - | High
+74 | [45.127.101.18](https://vuldb.com/?ip.45.127.101.18) | - | - | High
+75 | [45.132.106.37](https://vuldb.com/?ip.45.132.106.37) | vm4440858.34ssd.had.wf | - | High
+76 | [45.133.1.34](https://vuldb.com/?ip.45.133.1.34) | - | - | High
+77 | [45.135.164.194](https://vuldb.com/?ip.45.135.164.194) | ibera.togeteheran.com | - | High
+78 | [45.137.22.35](https://vuldb.com/?ip.45.137.22.35) | hosted-by.rootlayer.net | - | High
+79 | [45.137.22.70](https://vuldb.com/?ip.45.137.22.70) | hosted-by.rootlayer.net | - | High
+80 | [45.137.22.79](https://vuldb.com/?ip.45.137.22.79) | hosted-by.rootlayer.net | - | High
+81 | [45.137.22.143](https://vuldb.com/?ip.45.137.22.143) | hosted-by.rootlayer.net | - | High
+82 | [45.137.65.132](https://vuldb.com/?ip.45.137.65.132) | vm4266462.34ssd.had.wf | - | High
+83 | [45.137.65.229](https://vuldb.com/?ip.45.137.65.229) | vm4437484.25ssd.had.wf | - | High
+84 | [45.137.116.170](https://vuldb.com/?ip.45.137.116.170) | vps-zap970417-5.zap-srv.com | - | High
+85 | ... | ... | ... | ...

-There are 320 more IOC items available. Please use our online service to access the data.
+There are 338 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -111,14 +115,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
-2 | T1055 | CWE-74 | Injection | High
-3 | T1059 | CWE-94 | Cross Site Scripting | High
-4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
-5 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
+1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
+2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
+3 | T1055 | CWE-74 | Injection | High
+4 | T1059 | CWE-94 | Cross Site Scripting | High
+5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...

-There are 19 more TTP items available. Please use our online service to access the data.
+There are 21 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -126,58 +130,76 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic

 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `.htaccess` | Medium
-2 | File | `/admin/admin.php?module=admin_group_edit&agID` | High
-3 | File | `/admin/dl_sendmail.php` | High
-4 | File | `/admin/index.php` | High
+1 | File | `/?p=products` | Medium
+2 | File | `/admin/?page=product/manage_product&id=2` | High
+3 | File | `/admin/ajax.php?action=delete_window` | High
+4 | File | `/admin/casedetails.php` | High
 5 | File | `/admin/index2.html` | High
-6 | File | `/admin_giant/add_team_member.php` | High
-7 | File | `/api/v2/cli/commands` | High
-8 | File | `/common/info.cgi` | High
-9 | File | `/etc/shadow` | Medium
-10 | File | `/Forms/` | Low
-11 | File | `/forms/web_importTFTP` | High
-12 | File | `/forum/away.php` | High
-13 | File | `/get_getnetworkconf.cgi` | High
-14 | File | `/goform/setmac` | High
-15 | File | `/HNAP1/SetAccessPointMode` | High
-16 | File | `/integrations.json` | High
-17 | File | `/lists/admin/` | High
-18 | File | `/owa/auth/logon.aspx` | High
-19 | File | `/panel/uploads` | High
-20 | File | `/phppath/php` | Medium
-21 | File | `/public/plugins/` | High
-22 | File | `/secure/QueryComponent!Default.jspa` | High
-23 | File | `/services/details.asp` | High
-24 | File | `/spip.php` | Medium
-25 | File | `/uncpath/` | Medium
-26 | File | `/usr/bin/pkexec` | High
-27 | File | `/var/log/postgresql` | High
-28 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
-29 | File | `/wp-admin` | Medium
-30 | File | `/zm/index.php` | High
-31 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
-32 | File | `123flashchat.php` | High
-33 | File | `a2billing/customer/iridium_threed.php` | High
-34 | File | `addentry.php` | Medium
-35 | File | `admin.jcomments.php` | High
-36 | File | `admin.php` | Medium
-37 | File | `admin.php?mod=user&act=del` | High
-38 | File | `admin/login.asp` | High
-39 | File | `admin/review.php` | High
-40 | File | `affich.php` | Medium
-41 | File | `app/admin/routing/edit-bgp-mapping-search.php` | High
-42 | File | `app/View/Elements/eventattribute.ctp` | High
-43 | File | `application/modules/admin/views/ecommerce/products.php` | High
-44 | ... | ... | ...
+6 | File | `/admin/maintenance/brand.php` | High
+7 | File | `/admin/mechanics/manage_mechanic.php` | High
+8 | File | `/admin/positions_add.php` | High
+9 | File | `/admin/user/manage_user.php` | High
+10 | File | `/admin/voters_row.php` | High
+11 | File | `/ad_js.php` | Medium
+12 | File | `/agc/vicidial.php` | High
+13 | File | `/ajax.php?action=save_company` | High
+14 | File | `/ajax.php?action=save_user` | High
+15 | File | `/ajax/myshop` | Medium
+16 | File | `/alumni/admin/ajax.php?action=save_settings` | High
+17 | File | `/api/gen/clients/{language}` | High
+18 | File | `/apply.cgi` | Medium
+19 | File | `/APR/signup.php` | High
+20 | File | `/authenticationendpoint/login.do` | High
+21 | File | `/aux` | Low
+22 | File | `/backup.pl` | Medium
+23 | File | `/cas/logout` | Medium
+24 | File | `/categorypage.php` | High
+25 | File | `/cgi-bin/system_mgr.cgi` | High
+26 | File | `/cha.php` | Medium
+27 | File | `/College/admin/teacher.php` | High
+28 | File | `/contactform/contactform.php` | High
+29 | File | `/dayrui/Fcms/View/system_log.html` | High
+30 | File | `/drivers/block/floppy.c` | High
+31 | File | `/DXR.axd` | Medium
+32 | File | `/ecommerce/admin/category/controller.php` | High
+33 | File | `/etc/config/product.ini` | High
+34 | File | `/etc/crash` | Medium
+35 | File | `/etc/shadow` | Medium
+36 | File | `/fos/admin/ajax.php` | High
+37 | File | `/goform/aspForm` | High
+38 | File | `/goform/WifiBasicSet` | High
+39 | File | `/goform/WifiGuestSet` | High
+40 | File | `/index.php` | Medium
+41 | File | `/index.php?s=/article/ApiAdminArticle/itemAdd` | High
+42 | File | `/kelasdosen/data` | High
+43 | File | `/login/index.php` | High
+44 | File | `/medicines/profile.php` | High
+45 | File | `/modules/projects/vw_files.php` | High
+46 | File | `/Moosikay/order.php` | High
+47 | File | `/multi-vendor-shopping-script/product-list.php` | High
+48 | File | `/nasm/nasm-parse.c` | High
+49 | File | `/ordering/admin/orders/loaddata.php` | High
+50 | File | `/ordering/admin/stockin/loaddata.php` | High
+51 | File | `/owa/auth/logon.aspx` | High
+52 | File | `/philosophy/admin/login.php` | High
+53 | File | `/php-opos/login.php` | High
+54 | File | `/priv_mgt.html` | High
+55 | File | `/queuing/index.php?page=display` | High
+56 | File | `/resources//../` | High
+57 | File | `/see_more_details.php` | High
+58 | File | `/services/indexing/preview` | High
+59 | File | `/upgrade` | Medium
+60 | File | `/user/updatePwd` | High
+61 | ... | ... | ...

-There are 380 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 532 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

 The following list contains _external sources_ which discuss the actor and the associated activities:

 * https://app.any.run/tasks/88e56ff7-fd26-41d6-8f94-3812461e0cfd
+* https://app.any.run/tasks/592286eb-e429-437c-af56-3c017507573c
 * https://app.any.run/tasks/dfa82768-3bf4-4dc2-9117-0c583d8fdf10
 * https://bazaar.abuse.ch/sample/0269f5e35d84ded93ff37de9a062418de6f910f5a786806157f1a406143e83e2/
 * https://bazaar.abuse.ch/sample/7aa19913253d9a036b10df1f8f0bdb25567edda11fe99050d85a47249142bec2/
--- a/actors/BackSwap/README.md
+++ b/actors/BackSwap/README.md
@ -0,0 +1,46 @@
+# BackSwap - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [BackSwap](https://vuldb.com/?actor.backswap). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.backswap](https://vuldb.com/?actor.backswap)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BackSwap:
+
+* [US](https://vuldb.com/?country.us)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of BackSwap.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [5.61.47.74](https://vuldb.com/?ip.5.61.47.74) | - | - | High
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by BackSwap. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `s04.php` | Low
+2 | Argument | `server` | Low
+3 | Argument | `shopid` | Low
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.cyber45.com
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/Backbone/README.md
+++ b/actors/Backbone/README.md
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [CN](https://vuldb.com/?country.cn)
 * ...

-There are 20 more country items available. Please use our online service to access the data.
+There are 19 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -3512,361 +3512,9 @@ ID | IP address | Hostname | Campaign | Confidence
 3489 | [81.173.104.130](https://vuldb.com/?ip.81.173.104.130) | - | - | High
 3490 | [81.173.104.132](https://vuldb.com/?ip.81.173.104.132) | - | - | High
 3491 | [81.173.104.136](https://vuldb.com/?ip.81.173.104.136) | - | - | High
-3492 | [81.173.104.144](https://vuldb.com/?ip.81.173.104.144) | - | - | High
-3493 | [81.173.104.160](https://vuldb.com/?ip.81.173.104.160) | - | - | High
-3494 | [81.173.104.176](https://vuldb.com/?ip.81.173.104.176) | - | - | High
-3495 | [81.173.104.188](https://vuldb.com/?ip.81.173.104.188) | - | - | High
-3496 | [81.173.104.192](https://vuldb.com/?ip.81.173.104.192) | - | - | High
-3497 | [81.173.105.0](https://vuldb.com/?ip.81.173.105.0) | - | - | High
-3498 | [81.173.105.128](https://vuldb.com/?ip.81.173.105.128) | - | - | High
-3499 | [81.173.105.144](https://vuldb.com/?ip.81.173.105.144) | - | - | High
-3500 | [81.173.105.146](https://vuldb.com/?ip.81.173.105.146) | - | - | High
-3501 | [81.173.105.148](https://vuldb.com/?ip.81.173.105.148) | - | - | High
-3502 | [81.173.105.152](https://vuldb.com/?ip.81.173.105.152) | - | - | High
-3503 | [81.173.105.160](https://vuldb.com/?ip.81.173.105.160) | - | - | High
-3504 | [81.173.105.196](https://vuldb.com/?ip.81.173.105.196) | - | - | High
-3505 | [81.173.105.200](https://vuldb.com/?ip.81.173.105.200) | - | - | High
-3506 | [81.173.105.208](https://vuldb.com/?ip.81.173.105.208) | - | - | High
-3507 | [81.173.106.0](https://vuldb.com/?ip.81.173.106.0) | - | - | High
-3508 | [81.173.106.8](https://vuldb.com/?ip.81.173.106.8) | - | - | High
-3509 | [81.173.106.14](https://vuldb.com/?ip.81.173.106.14) | - | - | High
-3510 | [81.173.106.16](https://vuldb.com/?ip.81.173.106.16) | ae7-0-grtdusix1.net.telefonicaglobalsolutions.com | - | High
-3511 | [81.173.106.24](https://vuldb.com/?ip.81.173.106.24) | be18-grtmadix2.net.telefonicaglobalsolutions.com | - | High
-3512 | [81.173.106.32](https://vuldb.com/?ip.81.173.106.32) | te0-1-0-6-grtlurem2.net.telefonicaglobalsolutions.com | - | High
-3513 | [81.173.106.42](https://vuldb.com/?ip.81.173.106.42) | be1-grtbogtm1.net.telefonicaglobalsolutions.com | - | High
-3514 | [81.173.106.44](https://vuldb.com/?ip.81.173.106.44) | be2-grtbogtm1.net.telefonicaglobalsolutions.com | - | High
-3515 | [81.173.106.48](https://vuldb.com/?ip.81.173.106.48) | - | - | High
-3516 | [81.173.106.60](https://vuldb.com/?ip.81.173.106.60) | - | - | High
-3517 | [81.173.106.66](https://vuldb.com/?ip.81.173.106.66) | - | - | High
-3518 | [81.173.106.68](https://vuldb.com/?ip.81.173.106.68) | - | - | High
-3519 | [81.173.106.78](https://vuldb.com/?ip.81.173.106.78) | - | - | High
-3520 | [81.173.106.80](https://vuldb.com/?ip.81.173.106.80) | - | - | High
-3521 | [81.173.106.82](https://vuldb.com/?ip.81.173.106.82) | - | - | High
-3522 | [81.173.106.84](https://vuldb.com/?ip.81.173.106.84) | - | - | High
-3523 | [81.173.106.88](https://vuldb.com/?ip.81.173.106.88) | - | - | High
-3524 | [81.173.106.96](https://vuldb.com/?ip.81.173.106.96) | be11-grtbogtm1.net.telefonicaglobalsolutions.com | - | High
-3525 | [81.173.106.102](https://vuldb.com/?ip.81.173.106.102) | be12-grtbogtm1.net.telefonicaglobalsolutions.com | - | High
-3526 | [81.173.106.104](https://vuldb.com/?ip.81.173.106.104) | - | - | High
-3527 | [81.173.106.112](https://vuldb.com/?ip.81.173.106.112) | - | - | High
-3528 | [81.173.106.120](https://vuldb.com/?ip.81.173.106.120) | - | - | High
-3529 | [81.173.106.122](https://vuldb.com/?ip.81.173.106.122) | - | - | High
-3530 | [81.173.106.124](https://vuldb.com/?ip.81.173.106.124) | - | - | High
-3531 | [81.173.106.128](https://vuldb.com/?ip.81.173.106.128) | - | - | High
-3532 | [81.173.106.133](https://vuldb.com/?ip.81.173.106.133) | - | - | High
-3533 | [81.173.106.134](https://vuldb.com/?ip.81.173.106.134) | - | - | High
-3534 | [81.173.106.136](https://vuldb.com/?ip.81.173.106.136) | - | - | High
-3535 | [81.173.106.147](https://vuldb.com/?ip.81.173.106.147) | - | - | High
-3536 | [81.173.106.148](https://vuldb.com/?ip.81.173.106.148) | - | - | High
-3537 | [81.173.106.152](https://vuldb.com/?ip.81.173.106.152) | - | - | High
-3538 | [81.173.106.160](https://vuldb.com/?ip.81.173.106.160) | - | - | High
-3539 | [81.173.106.176](https://vuldb.com/?ip.81.173.106.176) | - | - | High
-3540 | [81.173.106.180](https://vuldb.com/?ip.81.173.106.180) | - | - | High
-3541 | [81.173.106.186](https://vuldb.com/?ip.81.173.106.186) | - | - | High
-3542 | [81.173.106.188](https://vuldb.com/?ip.81.173.106.188) | - | - | High
-3543 | [81.173.106.194](https://vuldb.com/?ip.81.173.106.194) | - | - | High
-3544 | [81.173.106.196](https://vuldb.com/?ip.81.173.106.196) | - | - | High
-3545 | [81.173.106.200](https://vuldb.com/?ip.81.173.106.200) | - | - | High
-3546 | [81.173.106.202](https://vuldb.com/?ip.81.173.106.202) | - | - | High
-3547 | [81.173.106.205](https://vuldb.com/?ip.81.173.106.205) | - | - | High
-3548 | [81.173.106.206](https://vuldb.com/?ip.81.173.106.206) | - | - | High
-3549 | [81.173.106.208](https://vuldb.com/?ip.81.173.106.208) | - | - | High
-3550 | [81.173.106.224](https://vuldb.com/?ip.81.173.106.224) | - | - | High
-3551 | [81.173.106.228](https://vuldb.com/?ip.81.173.106.228) | - | - | High
-3552 | [81.173.106.232](https://vuldb.com/?ip.81.173.106.232) | - | - | High
-3553 | [81.173.106.240](https://vuldb.com/?ip.81.173.106.240) | - | - | High
-3554 | [81.173.107.0](https://vuldb.com/?ip.81.173.107.0) | - | - | High
-3555 | [81.173.107.32](https://vuldb.com/?ip.81.173.107.32) | - | - | High
-3556 | [81.173.107.40](https://vuldb.com/?ip.81.173.107.40) | - | - | High
-3557 | [81.173.107.48](https://vuldb.com/?ip.81.173.107.48) | - | - | High
-3558 | [81.173.107.64](https://vuldb.com/?ip.81.173.107.64) | - | - | High
-3559 | [81.173.107.128](https://vuldb.com/?ip.81.173.107.128) | - | - | High
-3560 | [81.173.107.192](https://vuldb.com/?ip.81.173.107.192) | - | - | High
-3561 | [81.173.107.208](https://vuldb.com/?ip.81.173.107.208) | - | - | High
-3562 | [81.173.107.210](https://vuldb.com/?ip.81.173.107.210) | - | - | High
-3563 | [81.173.107.212](https://vuldb.com/?ip.81.173.107.212) | - | - | High
-3564 | [81.173.107.216](https://vuldb.com/?ip.81.173.107.216) | - | - | High
-3565 | [81.173.107.224](https://vuldb.com/?ip.81.173.107.224) | - | - | High
-3566 | [81.173.108.0](https://vuldb.com/?ip.81.173.108.0) | - | - | High
-3567 | [81.173.108.128](https://vuldb.com/?ip.81.173.108.128) | - | - | High
-3568 | [81.173.108.132](https://vuldb.com/?ip.81.173.108.132) | - | - | High
-3569 | [81.173.108.135](https://vuldb.com/?ip.81.173.108.135) | - | - | High
-3570 | [81.173.108.137](https://vuldb.com/?ip.81.173.108.137) | - | - | High
-3571 | [81.173.108.138](https://vuldb.com/?ip.81.173.108.138) | - | - | High
-3572 | [81.173.108.140](https://vuldb.com/?ip.81.173.108.140) | - | - | High
-3573 | [81.173.108.148](https://vuldb.com/?ip.81.173.108.148) | - | - | High
-3574 | [81.173.108.152](https://vuldb.com/?ip.81.173.108.152) | - | - | High
-3575 | [81.173.108.154](https://vuldb.com/?ip.81.173.108.154) | - | - | High
-3576 | [81.173.108.156](https://vuldb.com/?ip.81.173.108.156) | - | - | High
-3577 | [81.173.108.160](https://vuldb.com/?ip.81.173.108.160) | - | - | High
-3578 | [81.173.108.162](https://vuldb.com/?ip.81.173.108.162) | - | - | High
-3579 | [81.173.108.167](https://vuldb.com/?ip.81.173.108.167) | - | - | High
-3580 | [81.173.108.168](https://vuldb.com/?ip.81.173.108.168) | - | - | High
-3581 | [81.173.108.172](https://vuldb.com/?ip.81.173.108.172) | - | - | High
-3582 | [81.173.108.174](https://vuldb.com/?ip.81.173.108.174) | - | - | High
-3583 | [81.173.108.176](https://vuldb.com/?ip.81.173.108.176) | - | - | High
-3584 | [81.173.108.180](https://vuldb.com/?ip.81.173.108.180) | - | - | High
-3585 | [81.173.108.182](https://vuldb.com/?ip.81.173.108.182) | - | - | High
-3586 | [81.173.108.184](https://vuldb.com/?ip.81.173.108.184) | - | - | High
-3587 | [81.173.108.187](https://vuldb.com/?ip.81.173.108.187) | - | - | High
-3588 | [81.173.108.191](https://vuldb.com/?ip.81.173.108.191) | - | - | High
-3589 | [81.173.108.192](https://vuldb.com/?ip.81.173.108.192) | - | - | High
-3590 | [81.173.108.200](https://vuldb.com/?ip.81.173.108.200) | - | - | High
-3591 | [81.173.108.204](https://vuldb.com/?ip.81.173.108.204) | - | - | High
-3592 | [81.173.108.207](https://vuldb.com/?ip.81.173.108.207) | - | - | High
-3593 | [81.173.108.208](https://vuldb.com/?ip.81.173.108.208) | - | - | High
-3594 | [81.173.108.212](https://vuldb.com/?ip.81.173.108.212) | - | - | High
-3595 | [81.173.108.217](https://vuldb.com/?ip.81.173.108.217) | - | - | High
-3596 | [81.173.108.219](https://vuldb.com/?ip.81.173.108.219) | - | - | High
-3597 | [81.173.108.221](https://vuldb.com/?ip.81.173.108.221) | - | - | High
-3598 | [81.173.108.222](https://vuldb.com/?ip.81.173.108.222) | - | - | High
-3599 | [81.173.108.224](https://vuldb.com/?ip.81.173.108.224) | - | - | High
-3600 | [81.173.109.16](https://vuldb.com/?ip.81.173.109.16) | - | - | High
-3601 | [81.173.109.32](https://vuldb.com/?ip.81.173.109.32) | - | - | High
-3602 | [81.173.109.64](https://vuldb.com/?ip.81.173.109.64) | - | - | High
-3603 | [81.173.109.128](https://vuldb.com/?ip.81.173.109.128) | - | - | High
-3604 | [81.173.109.137](https://vuldb.com/?ip.81.173.109.137) | - | - | High
-3605 | [81.173.109.138](https://vuldb.com/?ip.81.173.109.138) | - | - | High
-3606 | [81.173.109.140](https://vuldb.com/?ip.81.173.109.140) | - | - | High
-3607 | [81.173.109.144](https://vuldb.com/?ip.81.173.109.144) | - | - | High
-3608 | [81.173.109.149](https://vuldb.com/?ip.81.173.109.149) | - | - | High
-3609 | [81.173.109.150](https://vuldb.com/?ip.81.173.109.150) | - | - | High
-3610 | [81.173.109.152](https://vuldb.com/?ip.81.173.109.152) | - | - | High
-3611 | [81.173.109.160](https://vuldb.com/?ip.81.173.109.160) | - | - | High
-3612 | [81.173.109.168](https://vuldb.com/?ip.81.173.109.168) | - | - | High
-3613 | [81.173.109.172](https://vuldb.com/?ip.81.173.109.172) | - | - | High
-3614 | [81.173.109.176](https://vuldb.com/?ip.81.173.109.176) | - | - | High
-3615 | [81.173.109.184](https://vuldb.com/?ip.81.173.109.184) | - | - | High
-3616 | [81.173.109.186](https://vuldb.com/?ip.81.173.109.186) | - | - | High
-3617 | [81.173.109.188](https://vuldb.com/?ip.81.173.109.188) | - | - | High
-3618 | [81.173.109.192](https://vuldb.com/?ip.81.173.109.192) | - | - | High
-3619 | [81.173.109.201](https://vuldb.com/?ip.81.173.109.201) | - | - | High
-3620 | [81.173.109.202](https://vuldb.com/?ip.81.173.109.202) | - | - | High
-3621 | [81.173.109.204](https://vuldb.com/?ip.81.173.109.204) | - | - | High
-3622 | [81.173.109.208](https://vuldb.com/?ip.81.173.109.208) | - | - | High
-3623 | [81.173.109.224](https://vuldb.com/?ip.81.173.109.224) | - | - | High
-3624 | [81.173.110.0](https://vuldb.com/?ip.81.173.110.0) | - | - | High
-3625 | [81.173.110.8](https://vuldb.com/?ip.81.173.110.8) | - | - | High
-3626 | [81.173.110.11](https://vuldb.com/?ip.81.173.110.11) | - | - | High
-3627 | [81.173.110.12](https://vuldb.com/?ip.81.173.110.12) | - | - | High
-3628 | [81.173.110.16](https://vuldb.com/?ip.81.173.110.16) | - | - | High
-3629 | [81.173.110.32](https://vuldb.com/?ip.81.173.110.32) | - | - | High
-3630 | [81.173.110.48](https://vuldb.com/?ip.81.173.110.48) | - | - | High
-3631 | [81.173.110.64](https://vuldb.com/?ip.81.173.110.64) | - | - | High
-3632 | [81.173.110.129](https://vuldb.com/?ip.81.173.110.129) | - | - | High
-3633 | [81.173.110.131](https://vuldb.com/?ip.81.173.110.131) | - | - | High
-3634 | [81.173.110.138](https://vuldb.com/?ip.81.173.110.138) | - | - | High
-3635 | [81.173.110.142](https://vuldb.com/?ip.81.173.110.142) | - | - | High
-3636 | [81.173.110.144](https://vuldb.com/?ip.81.173.110.144) | - | - | High
-3637 | [81.173.110.153](https://vuldb.com/?ip.81.173.110.153) | - | - | High
-3638 | [81.173.110.154](https://vuldb.com/?ip.81.173.110.154) | - | - | High
-3639 | [81.173.110.156](https://vuldb.com/?ip.81.173.110.156) | - | - | High
-3640 | [81.173.110.160](https://vuldb.com/?ip.81.173.110.160) | - | - | High
-3641 | [81.173.110.163](https://vuldb.com/?ip.81.173.110.163) | - | - | High
-3642 | [81.173.110.172](https://vuldb.com/?ip.81.173.110.172) | - | - | High
-3643 | [81.173.110.180](https://vuldb.com/?ip.81.173.110.180) | - | - | High
-3644 | [81.173.110.187](https://vuldb.com/?ip.81.173.110.187) | - | - | High
-3645 | [81.173.110.188](https://vuldb.com/?ip.81.173.110.188) | - | - | High
-3646 | [81.173.110.200](https://vuldb.com/?ip.81.173.110.200) | - | - | High
-3647 | [81.173.110.209](https://vuldb.com/?ip.81.173.110.209) | - | - | High
-3648 | [81.173.110.210](https://vuldb.com/?ip.81.173.110.210) | - | - | High
-3649 | [81.173.110.212](https://vuldb.com/?ip.81.173.110.212) | - | - | High
-3650 | [81.173.110.216](https://vuldb.com/?ip.81.173.110.216) | - | - | High
-3651 | [81.173.110.224](https://vuldb.com/?ip.81.173.110.224) | - | - | High
-3652 | [81.173.111.0](https://vuldb.com/?ip.81.173.111.0) | - | - | High
-3653 | [81.173.111.12](https://vuldb.com/?ip.81.173.111.12) | - | - | High
-3654 | [81.173.111.16](https://vuldb.com/?ip.81.173.111.16) | - | - | High
-3655 | [81.173.111.32](https://vuldb.com/?ip.81.173.111.32) | - | - | High
-3656 | [81.173.111.64](https://vuldb.com/?ip.81.173.111.64) | - | - | High
-3657 | [81.173.111.96](https://vuldb.com/?ip.81.173.111.96) | - | - | High
-3658 | [81.173.111.116](https://vuldb.com/?ip.81.173.111.116) | - | - | High
-3659 | [81.173.111.120](https://vuldb.com/?ip.81.173.111.120) | - | - | High
-3660 | [81.173.111.132](https://vuldb.com/?ip.81.173.111.132) | - | - | High
-3661 | [81.173.111.136](https://vuldb.com/?ip.81.173.111.136) | - | - | High
-3662 | [81.173.111.140](https://vuldb.com/?ip.81.173.111.140) | - | - | High
-3663 | [81.173.111.144](https://vuldb.com/?ip.81.173.111.144) | - | - | High
-3664 | [81.173.111.156](https://vuldb.com/?ip.81.173.111.156) | - | - | High
-3665 | [81.173.111.166](https://vuldb.com/?ip.81.173.111.166) | - | - | High
-3666 | [81.173.111.176](https://vuldb.com/?ip.81.173.111.176) | - | - | High
-3667 | [81.173.111.188](https://vuldb.com/?ip.81.173.111.188) | - | - | High
-3668 | [81.173.111.192](https://vuldb.com/?ip.81.173.111.192) | - | - | High
-3669 | [81.173.111.198](https://vuldb.com/?ip.81.173.111.198) | - | - | High
-3670 | [81.173.111.200](https://vuldb.com/?ip.81.173.111.200) | - | - | High
-3671 | [81.173.111.212](https://vuldb.com/?ip.81.173.111.212) | - | - | High
-3672 | [81.173.111.228](https://vuldb.com/?ip.81.173.111.228) | - | - | High
-3673 | [81.173.111.245](https://vuldb.com/?ip.81.173.111.245) | - | - | High
-3674 | [81.173.111.246](https://vuldb.com/?ip.81.173.111.246) | - | - | High
-3675 | [81.173.111.248](https://vuldb.com/?ip.81.173.111.248) | - | - | High
-3676 | [81.199.62.0](https://vuldb.com/?ip.81.199.62.0) | - | - | High
-3677 | [81.201.102.244](https://vuldb.com/?ip.81.201.102.244) | - | - | High
-3678 | [81.201.102.254](https://vuldb.com/?ip.81.201.102.254) | ae43.cor03.fr2.eu.equinix.net | - | High
-3679 | [81.201.103.0](https://vuldb.com/?ip.81.201.103.0) | xe-0-0-3.cor01.ld8.eu.equinix.net | - | High
-3680 | [81.201.103.64](https://vuldb.com/?ip.81.201.103.64) | - | - | High
-3681 | [81.201.103.72](https://vuldb.com/?ip.81.201.103.72) | ae35.cor01.ld8.eu.equinix.net | - | High
-3682 | [81.201.103.80](https://vuldb.com/?ip.81.201.103.80) | ae39.cor01.ld8.eu.equinix.net | - | High
-3683 | [81.201.103.88](https://vuldb.com/?ip.81.201.103.88) | ae53.cor01.ld5.eu.equinix.net | - | High
-3684 | [81.201.103.96](https://vuldb.com/?ip.81.201.103.96) | ae57.cor01.ld5.eu.equinix.net | - | High
-3685 | [81.201.103.112](https://vuldb.com/?ip.81.201.103.112) | ae65.cor01.ld5.eu.equinix.net | - | High
-3686 | [81.201.103.124](https://vuldb.com/?ip.81.201.103.124) | - | - | High
-3687 | [81.201.103.128](https://vuldb.com/?ip.81.201.103.128) | - | - | High
-3688 | [81.201.103.144](https://vuldb.com/?ip.81.201.103.144) | - | - | High
-3689 | [81.201.103.164](https://vuldb.com/?ip.81.201.103.164) | ae41.cor03.mu3.eu.equinix.net | - | High
-3690 | [81.201.103.168](https://vuldb.com/?ip.81.201.103.168) | ae42.cor03.mu4.eu.equinix.net | - | High
-3691 | [81.201.103.176](https://vuldb.com/?ip.81.201.103.176) | ae103.cor04.hh1.eu.equinix.net | - | High
-3692 | [81.201.103.184](https://vuldb.com/?ip.81.201.103.184) | - | - | High
-3693 | [81.201.103.190](https://vuldb.com/?ip.81.201.103.190) | - | - | High
-3694 | [81.201.103.192](https://vuldb.com/?ip.81.201.103.192) | - | - | High
-3695 | [81.201.105.4](https://vuldb.com/?ip.81.201.105.4) | - | - | High
-3696 | [81.201.105.8](https://vuldb.com/?ip.81.201.105.8) | - | - | High
-3697 | [81.201.105.16](https://vuldb.com/?ip.81.201.105.16) | - | - | High
-3698 | [81.201.105.32](https://vuldb.com/?ip.81.201.105.32) | - | - | High
-3699 | [81.201.105.64](https://vuldb.com/?ip.81.201.105.64) | - | - | High
-3700 | [81.201.105.128](https://vuldb.com/?ip.81.201.105.128) | - | - | High
-3701 | [81.201.105.136](https://vuldb.com/?ip.81.201.105.136) | ae3-32.cor01.gv2.eu.equinix.net | - | High
-3702 | [81.201.105.144](https://vuldb.com/?ip.81.201.105.144) | - | - | High
-3703 | [81.201.105.160](https://vuldb.com/?ip.81.201.105.160) | ae3-32.cor01.zh4.eu.equinix.net | - | High
-3704 | [81.201.105.192](https://vuldb.com/?ip.81.201.105.192) | ae3-31.cor01.pa6.eu.equinix.net | - | High
-3705 | [81.201.105.224](https://vuldb.com/?ip.81.201.105.224) | - | - | High
-3706 | [81.201.105.240](https://vuldb.com/?ip.81.201.105.240) | ae3-32.cor01.db2.eu.equinix.net | - | High
-3707 | [81.253.182.0](https://vuldb.com/?ip.81.253.182.0) | - | - | High
-3708 | [81.253.182.32](https://vuldb.com/?ip.81.253.182.32) | - | - | High
-3709 | [81.253.182.48](https://vuldb.com/?ip.81.253.182.48) | - | - | High
-3710 | [81.253.182.56](https://vuldb.com/?ip.81.253.182.56) | - | - | High
-3711 | [81.253.182.59](https://vuldb.com/?ip.81.253.182.59) | - | - | High
-3712 | [81.253.182.60](https://vuldb.com/?ip.81.253.182.60) | - | - | High
-3713 | [81.253.182.63](https://vuldb.com/?ip.81.253.182.63) | - | - | High
-3714 | [81.253.182.64](https://vuldb.com/?ip.81.253.182.64) | - | - | High
-3715 | [81.253.182.67](https://vuldb.com/?ip.81.253.182.67) | - | - | High
-3716 | [81.253.182.68](https://vuldb.com/?ip.81.253.182.68) | - | - | High
-3717 | [81.253.182.71](https://vuldb.com/?ip.81.253.182.71) | - | - | High
-3718 | [81.253.182.72](https://vuldb.com/?ip.81.253.182.72) | - | - | High
-3719 | [81.253.182.75](https://vuldb.com/?ip.81.253.182.75) | - | - | High
-3720 | [81.253.182.76](https://vuldb.com/?ip.81.253.182.76) | - | - | High
-3721 | [81.253.182.79](https://vuldb.com/?ip.81.253.182.79) | - | - | High
-3722 | [81.253.182.80](https://vuldb.com/?ip.81.253.182.80) | - | - | High
-3723 | [81.253.182.83](https://vuldb.com/?ip.81.253.182.83) | - | - | High
-3724 | [81.253.182.84](https://vuldb.com/?ip.81.253.182.84) | - | - | High
-3725 | [81.253.182.87](https://vuldb.com/?ip.81.253.182.87) | - | - | High
-3726 | [81.253.182.88](https://vuldb.com/?ip.81.253.182.88) | - | - | High
-3727 | [81.253.182.96](https://vuldb.com/?ip.81.253.182.96) | - | - | High
-3728 | [81.253.182.128](https://vuldb.com/?ip.81.253.182.128) | - | - | High
-3729 | [81.253.182.144](https://vuldb.com/?ip.81.253.182.144) | - | - | High
-3730 | [81.253.182.148](https://vuldb.com/?ip.81.253.182.148) | - | - | High
-3731 | [81.253.182.150](https://vuldb.com/?ip.81.253.182.150) | ae23-0.nclyo201.rbci.orange.net | - | High
-3732 | [81.253.182.152](https://vuldb.com/?ip.81.253.182.152) | - | - | High
-3733 | [81.253.182.154](https://vuldb.com/?ip.81.253.182.154) | ae23-0.nclyo202.rbci.orange.net | - | High
-3734 | [81.253.182.156](https://vuldb.com/?ip.81.253.182.156) | - | - | High
-3735 | [81.253.182.160](https://vuldb.com/?ip.81.253.182.160) | - | - | High
-3736 | [81.253.182.192](https://vuldb.com/?ip.81.253.182.192) | - | - | High
-3737 | [81.253.183.0](https://vuldb.com/?ip.81.253.183.0) | - | - | High
-3738 | [81.253.183.3](https://vuldb.com/?ip.81.253.183.3) | - | - | High
-3739 | [81.253.183.4](https://vuldb.com/?ip.81.253.183.4) | - | - | High
-3740 | [81.253.183.7](https://vuldb.com/?ip.81.253.183.7) | - | - | High
-3741 | [81.253.183.8](https://vuldb.com/?ip.81.253.183.8) | - | - | High
-3742 | [81.253.183.16](https://vuldb.com/?ip.81.253.183.16) | - | - | High
-3743 | [81.253.183.20](https://vuldb.com/?ip.81.253.183.20) | - | - | High
-3744 | [81.253.183.23](https://vuldb.com/?ip.81.253.183.23) | - | - | High
-3745 | [81.253.183.24](https://vuldb.com/?ip.81.253.183.24) | - | - | High
-3746 | [81.253.183.32](https://vuldb.com/?ip.81.253.183.32) | - | - | High
-3747 | [81.253.183.64](https://vuldb.com/?ip.81.253.183.64) | - | - | High
-3748 | [81.253.183.128](https://vuldb.com/?ip.81.253.183.128) | - | - | High
-3749 | [81.253.184.0](https://vuldb.com/?ip.81.253.184.0) | - | - | High
-3750 | [81.253.184.4](https://vuldb.com/?ip.81.253.184.4) | - | - | High
-3751 | [81.253.184.6](https://vuldb.com/?ip.81.253.184.6) | - | - | High
-3752 | [81.253.184.8](https://vuldb.com/?ip.81.253.184.8) | - | - | High
-3753 | [81.253.184.16](https://vuldb.com/?ip.81.253.184.16) | - | - | High
-3754 | [81.253.184.20](https://vuldb.com/?ip.81.253.184.20) | - | - | High
-3755 | [81.253.184.22](https://vuldb.com/?ip.81.253.184.22) | - | - | High
-3756 | [81.253.184.24](https://vuldb.com/?ip.81.253.184.24) | - | - | High
-3757 | [81.253.184.32](https://vuldb.com/?ip.81.253.184.32) | - | - | High
-3758 | [81.253.184.64](https://vuldb.com/?ip.81.253.184.64) | - | - | High
-3759 | [81.253.184.96](https://vuldb.com/?ip.81.253.184.96) | - | - | High
-3760 | [81.253.184.98](https://vuldb.com/?ip.81.253.184.98) | - | - | High
-3761 | [81.253.184.100](https://vuldb.com/?ip.81.253.184.100) | - | - | High
-3762 | [81.253.184.102](https://vuldb.com/?ip.81.253.184.102) | - | - | High
-3763 | [81.253.184.104](https://vuldb.com/?ip.81.253.184.104) | - | - | High
-3764 | [81.253.184.112](https://vuldb.com/?ip.81.253.184.112) | - | - | High
-3765 | [81.253.184.116](https://vuldb.com/?ip.81.253.184.116) | - | - | High
-3766 | [81.253.184.118](https://vuldb.com/?ip.81.253.184.118) | - | - | High
-3767 | [81.253.184.120](https://vuldb.com/?ip.81.253.184.120) | - | - | High
-3768 | [81.253.184.128](https://vuldb.com/?ip.81.253.184.128) | - | - | High
-3769 | [81.253.184.160](https://vuldb.com/?ip.81.253.184.160) | - | - | High
-3770 | [81.253.184.176](https://vuldb.com/?ip.81.253.184.176) | - | - | High
-3771 | [81.253.184.178](https://vuldb.com/?ip.81.253.184.178) | - | - | High
-3772 | [81.253.184.180](https://vuldb.com/?ip.81.253.184.180) | - | - | High
-3773 | [81.253.184.182](https://vuldb.com/?ip.81.253.184.182) | - | - | High
-3774 | [81.253.184.184](https://vuldb.com/?ip.81.253.184.184) | - | - | High
-3775 | [81.253.184.188](https://vuldb.com/?ip.81.253.184.188) | - | - | High
-3776 | [81.253.184.190](https://vuldb.com/?ip.81.253.184.190) | - | - | High
-3777 | [81.253.184.192](https://vuldb.com/?ip.81.253.184.192) | - | - | High
-3778 | [81.253.184.208](https://vuldb.com/?ip.81.253.184.208) | - | - | High
-3779 | [81.253.184.216](https://vuldb.com/?ip.81.253.184.216) | - | - | High
-3780 | [81.253.184.224](https://vuldb.com/?ip.81.253.184.224) | - | - | High
-3781 | [81.253.185.0](https://vuldb.com/?ip.81.253.185.0) | - | - | High
-3782 | [82.96.1.0](https://vuldb.com/?ip.82.96.1.0) | - | - | High
-3783 | [82.96.1.8](https://vuldb.com/?ip.82.96.1.8) | - | - | High
-3784 | [82.96.1.20](https://vuldb.com/?ip.82.96.1.20) | - | - | High
-3785 | [82.96.1.24](https://vuldb.com/?ip.82.96.1.24) | - | - | High
-3786 | [82.96.1.26](https://vuldb.com/?ip.82.96.1.26) | vl1306.dk.cph.sydv.cr0.port80.se | - | High
-3787 | [82.96.1.28](https://vuldb.com/?ip.82.96.1.28) | - | - | High
-3788 | [82.96.1.31](https://vuldb.com/?ip.82.96.1.31) | - | - | High
-3789 | [82.96.1.44](https://vuldb.com/?ip.82.96.1.44) | - | - | High
-3790 | [82.96.1.48](https://vuldb.com/?ip.82.96.1.48) | - | - | High
-3791 | [82.96.1.64](https://vuldb.com/?ip.82.96.1.64) | - | - | High
-3792 | [82.96.1.76](https://vuldb.com/?ip.82.96.1.76) | - | - | High
-3793 | [82.96.1.84](https://vuldb.com/?ip.82.96.1.84) | - | - | High
-3794 | [82.96.1.88](https://vuldb.com/?ip.82.96.1.88) | - | - | High
-3795 | [82.96.1.91](https://vuldb.com/?ip.82.96.1.91) | - | - | High
-3796 | [82.96.1.92](https://vuldb.com/?ip.82.96.1.92) | - | - | High
-3797 | [82.96.1.108](https://vuldb.com/?ip.82.96.1.108) | - | - | High
-3798 | [82.96.1.112](https://vuldb.com/?ip.82.96.1.112) | - | - | High
-3799 | [82.96.1.136](https://vuldb.com/?ip.82.96.1.136) | - | - | High
-3800 | [82.96.1.144](https://vuldb.com/?ip.82.96.1.144) | - | - | High
-3801 | [82.96.1.160](https://vuldb.com/?ip.82.96.1.160) | - | - | High
-3802 | [82.96.1.172](https://vuldb.com/?ip.82.96.1.172) | - | - | High
-3803 | [82.96.1.176](https://vuldb.com/?ip.82.96.1.176) | - | - | High
-3804 | [82.96.1.184](https://vuldb.com/?ip.82.96.1.184) | - | - | High
-3805 | [82.96.1.200](https://vuldb.com/?ip.82.96.1.200) | - | - | High
-3806 | [82.99.29.0](https://vuldb.com/?ip.82.99.29.0) | - | - | High
-3807 | [82.99.29.8](https://vuldb.com/?ip.82.99.29.8) | - | - | High
-3808 | [82.99.29.24](https://vuldb.com/?ip.82.99.29.24) | - | - | High
-3809 | [82.99.29.32](https://vuldb.com/?ip.82.99.29.32) | - | - | High
-3810 | [82.99.29.40](https://vuldb.com/?ip.82.99.29.40) | - | - | High
-3811 | [82.99.29.48](https://vuldb.com/?ip.82.99.29.48) | - | - | High
-3812 | [82.99.29.60](https://vuldb.com/?ip.82.99.29.60) | - | - | High
-3813 | [82.99.29.64](https://vuldb.com/?ip.82.99.29.64) | - | - | High
-3814 | [82.99.29.72](https://vuldb.com/?ip.82.99.29.72) | - | - | High
-3815 | [82.99.29.84](https://vuldb.com/?ip.82.99.29.84) | - | - | High
-3816 | [82.99.29.88](https://vuldb.com/?ip.82.99.29.88) | - | - | High
-3817 | [82.99.29.96](https://vuldb.com/?ip.82.99.29.96) | - | - | High
-3818 | [82.99.29.112](https://vuldb.com/?ip.82.99.29.112) | - | - | High
-3819 | [82.99.29.128](https://vuldb.com/?ip.82.99.29.128) | - | - | High
-3820 | [82.138.72.0](https://vuldb.com/?ip.82.138.72.0) | - | - | High
-3821 | [82.138.72.40](https://vuldb.com/?ip.82.138.72.40) | - | - | High
-3822 | [82.138.72.48](https://vuldb.com/?ip.82.138.72.48) | - | - | High
-3823 | [82.138.72.64](https://vuldb.com/?ip.82.138.72.64) | - | - | High
-3824 | [82.138.72.128](https://vuldb.com/?ip.82.138.72.128) | - | - | High
-3825 | [82.138.72.192](https://vuldb.com/?ip.82.138.72.192) | - | - | High
-3826 | [82.138.72.196](https://vuldb.com/?ip.82.138.72.196) | - | - | High
-3827 | [82.138.72.199](https://vuldb.com/?ip.82.138.72.199) | - | - | High
-3828 | [82.138.72.200](https://vuldb.com/?ip.82.138.72.200) | - | - | High
-3829 | [82.138.72.208](https://vuldb.com/?ip.82.138.72.208) | - | - | High
-3830 | [82.138.72.224](https://vuldb.com/?ip.82.138.72.224) | - | - | High
-3831 | [82.165.233.8](https://vuldb.com/?ip.82.165.233.8) | - | - | High
-3832 | [82.165.233.16](https://vuldb.com/?ip.82.165.233.16) | - | - | High
-3833 | [82.165.233.32](https://vuldb.com/?ip.82.165.233.32) | - | - | High
-3834 | [82.165.233.42](https://vuldb.com/?ip.82.165.233.42) | ens-18-9.gw-nat.hbf5.kae.de.oneandone.net | - | High
-3835 | [82.165.233.44](https://vuldb.com/?ip.82.165.233.44) | - | - | High
-3836 | [82.165.233.48](https://vuldb.com/?ip.82.165.233.48) | - | - | High
-3837 | [82.165.233.66](https://vuldb.com/?ip.82.165.233.66) | et-0-nat-7.gw-nat.spb.muc.de.oneandone.net | - | High
-3838 | [82.165.233.72](https://vuldb.com/?ip.82.165.233.72) | ens-18-10.gw-nat.hbf5.kae.de.oneandone.net | - | High
-3839 | [82.165.233.80](https://vuldb.com/?ip.82.165.233.80) | - | - | High
-3840 | [82.165.233.98](https://vuldb.com/?ip.82.165.233.98) | et-0-nat-8.gw-nat.spb.muc.de.oneandone.net | - | High
-3841 | [82.165.233.104](https://vuldb.com/?ip.82.165.233.104) | ens-18-11.gw-nat.hbf5.kae.de.oneandone.net | - | High
-3842 | [82.165.233.112](https://vuldb.com/?ip.82.165.233.112) | - | - | High
-3843 | [82.165.233.132](https://vuldb.com/?ip.82.165.233.132) | - | - | High
-3844 | ... | ... | ... | ...
+3492 | ... | ... | ... | ...

-There are 15370 more IOC items available. Please use our online service to access the data.
+There are 13963 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -3874,14 +3522,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
+1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-36, CWE-37 | Pathname Traversal | High
 2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...

-There are 22 more TTP items available. Please use our online service to access the data.
+There are 21 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -3891,55 +3539,57 @@ ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
 1 | File | `$GIT_DIR/objects` | High
 2 | File | `/?ajax-request=jnews` | High
-3 | File | `/about/../` | Medium
-4 | File | `/admin.php/accessory/filesdel.html` | High
-5 | File | `/admin/?page=user/manage` | High
-6 | File | `/admin/add-new.php` | High
-7 | File | `/admin/admin_manage/delete` | High
-8 | File | `/admin/doctors.php` | High
-9 | File | `/admin/main/mod-blog` | High
-10 | File | `/admin/products/manage_product.php` | High
-11 | File | `/advanced/adv_dns.xgi` | High
-12 | File | `/alarm_pi/alarmService.php` | High
-13 | File | `/alphaware/summary.php` | High
-14 | File | `/api/` | Low
-15 | File | `/api/admin/store/product/list` | High
-16 | File | `/api/blade-log/api/list` | High
-17 | File | `/api/v2/cli/commands` | High
-18 | File | `/appliance/users?action=edit` | High
-19 | File | `/authUserAction!edit.action` | High
-20 | File | `/backup.pl` | Medium
-21 | File | `/boat/login.php` | High
-22 | File | `/browse.PROJECTKEY` | High
-23 | File | `/bsms_ci/index.php/book` | High
-24 | File | `/cgi-bin/luci/api/wireless` | High
-25 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
-26 | File | `/cgi-bin/supervisor/adcommand.cgi` | High
-27 | File | `/cgi-bin/supervisor/CloudSetup.cgi` | High
-28 | File | `/cgi-bin/wlogin.cgi` | High
-29 | File | `/cmscp/ext/collect/fetch_url.do` | High
-30 | File | `/crmeb/app/admin/controller/store/CopyTaobao.php` | High
-31 | File | `/debug/pprof` | Medium
-32 | File | `/edoc/doctor/patient.php` | High
-33 | File | `/env` | Low
-34 | File | `/etc/hosts` | Medium
-35 | File | `/etc/shadow` | Medium
-36 | File | `/face-recognition-php/facepay-master/camera.php` | High
-37 | File | `/forms/doLogin` | High
-38 | File | `/forum/away.php` | High
-39 | File | `/home/masterConsole` | High
-40 | File | `/index.php` | Medium
-41 | File | `/Items/*/RemoteImages/Download` | High
-42 | File | `/login/index.php` | High
-43 | File | `/loginsave.php` | High
-44 | File | `/medicines/profile.php` | High
-45 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
-46 | File | `/orrs/admin/?page=user/manage_user` | High
-47 | File | `/php-scrm/login.php` | High
-48 | File | `/proxy` | Low
-49 | ... | ... | ...
+3 | File | `/?p=products` | Medium
+4 | File | `/about/../` | Medium
+5 | File | `/admin.php/accessory/filesdel.html` | High
+6 | File | `/admin.php?c=upload&f=zip&_noCache=0.1683794968` | High
+7 | File | `/admin/?page=user/manage` | High
+8 | File | `/admin/add-new.php` | High
+9 | File | `/admin/admin_manage/delete` | High
+10 | File | `/admin/doctors.php` | High
+11 | File | `/admin/edit_subject.php` | High
+12 | File | `/admin/main/mod-blog` | High
+13 | File | `/admin/products/manage_product.php` | High
+14 | File | `/admin/scheprofile.cgi` | High
+15 | File | `/advanced/adv_dns.xgi` | High
+16 | File | `/alphaware/summary.php` | High
+17 | File | `/api/` | Low
+18 | File | `/api/admin/store/product/list` | High
+19 | File | `/api/blade-log/api/list` | High
+20 | File | `/api/stl/actions/search` | High
+21 | File | `/api/v1/snapshots` | High
+22 | File | `/api/v2/cli/commands` | High
+23 | File | `/appliance/users?action=edit` | High
+24 | File | `/Application/Admin/Controller/ConfigController.class.php` | High
+25 | File | `/authUserAction!edit.action` | High
+26 | File | `/backup.pl` | Medium
+27 | File | `/bin/ate` | Medium
+28 | File | `/bin/boa` | Medium
+29 | File | `/boat/login.php` | High
+30 | File | `/browse.PROJECTKEY` | High
+31 | File | `/bsms_ci/index.php/book` | High
+32 | File | `/cgi-bin` | Medium
+33 | File | `/cgi-bin/luci/api/wireless` | High
+34 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
+35 | File | `/cgi-bin/supervisor/adcommand.cgi` | High
+36 | File | `/cgi-bin/supervisor/CloudSetup.cgi` | High
+37 | File | `/cgi-bin/wlogin.cgi` | High
+38 | File | `/cmscp/ext/collect/fetch_url.do` | High
+39 | File | `/debug/pprof` | Medium
+40 | File | `/dev/shm` | Medium
+41 | File | `/E-mobile/App/System/File/downfile.php` | High
+42 | File | `/edoc/doctor/patient.php` | High
+43 | File | `/env` | Low
+44 | File | `/face-recognition-php/facepay-master/camera.php` | High
+45 | File | `/forms/doLogin` | High
+46 | File | `/forum/away.php` | High
+47 | File | `/home/masterConsole` | High
+48 | File | `/index.php?app=main&func=passport&action=login` | High
+49 | File | `/index/user/user_edit.html` | High
+50 | File | `/Items/*/RemoteImages/Download` | High
+51 | ... | ... | ...

-There are 425 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 441 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/BadPatch/README.md
+++ b/actors/BadPatch/README.md
@ -8,8 +8,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com

 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BadPatch:

-* [RU](https://vuldb.com/?country.ru)
 * [US](https://vuldb.com/?country.us)
+* [RU](https://vuldb.com/?country.ru)
 * [DE](https://vuldb.com/?country.de)

 ## IOC - Indicator of Compromise
@ -18,8 +18,9 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi

 ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
-1 | [148.251.135.117](https://vuldb.com/?ip.148.251.135.117) | server.pogled.ba | - | High
-2 | [195.154.216.74](https://vuldb.com/?ip.195.154.216.74) | 195-154-216-74.rev.poneytelecom.eu | - | High
+1 | [6.43.51.17](https://vuldb.com/?ip.6.43.51.17) | - | - | High
+2 | [148.251.135.117](https://vuldb.com/?ip.148.251.135.117) | server.pogled.ba | - | High
+3 | [195.154.216.74](https://vuldb.com/?ip.195.154.216.74) | 195-154-216-74.rev.poneytelecom.eu | - | High

 ## TTP - Tactics, Techniques, Procedures

@ -29,6 +30,7 @@ ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1068 | CWE-269 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
 2 | T1110.001 | CWE-798 | Improper Restriction of Excessive Authentication Attempts | High
+3 | T1505 | CWE-89 | SQL Injection | High

 ## IOA - Indicator of Attack

@ -37,16 +39,17 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
 1 | File | `/usr/local/sbin/webproject/set_param.cgi` | High
-2 | File | `includes/pages.inc.php` | High
-3 | File | `mod_proxy_fcgi.c` | High
+2 | File | `category.cfm` | Medium
+3 | File | `includes/pages.inc.php` | High
 4 | ... | ... | ...

-There are 3 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 5 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

 The following list contains _external sources_ which discuss the actor and the associated activities:

+* https://www.fortinet.com/blog/threat-research/badpatch-campaign-uses-python-malware.html
 * https://www.threatminer.org/report.php?q=BadPatch-PaloAltoNetworks.pdf&y=2017

 ## Literature
--- a/actors/BazarLoader/README.md
+++ b/actors/BazarLoader/README.md
@ -95,7 +95,7 @@ ID | Type | Indicator | Confidence
 10 | File | `admin/admin.shtml` | High
 11 | ... | ... | ...

-There are 86 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 87 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/BianLian/README.md
+++ b/actors/BianLian/README.md
@ -27,81 +27,83 @@ ID | IP address | Hostname | Campaign | Confidence
 4 | [3.249.5.101](https://vuldb.com/?ip.3.249.5.101) | ec2-3-249-5-101.eu-west-1.compute.amazonaws.com | - | Medium
 5 | [5.2.79.138](https://vuldb.com/?ip.5.2.79.138) | - | - | High
 6 | [5.45.67.163](https://vuldb.com/?ip.5.45.67.163) | how-an.senateware.com | - | High
-7 | [5.161.51.212](https://vuldb.com/?ip.5.161.51.212) | static.212.51.161.5.clients.your-server.de | - | High
-8 | [5.183.95.20](https://vuldb.com/?ip.5.183.95.20) | eole.andesreader.com | - | High
-9 | [5.183.95.54](https://vuldb.com/?ip.5.183.95.54) | mail.trinityhht.store | - | High
-10 | [5.188.6.118](https://vuldb.com/?ip.5.188.6.118) | subnet.local | - | High
-11 | [5.206.224.39](https://vuldb.com/?ip.5.206.224.39) | hostname | - | High
-12 | [5.230.67.2](https://vuldb.com/?ip.5.230.67.2) | - | - | High
-13 | [5.230.70.23](https://vuldb.com/?ip.5.230.70.23) | placeholder.noezserver.de | - | High
-14 | [5.230.72.245](https://vuldb.com/?ip.5.230.72.245) | - | - | High
-15 | [5.230.73.37](https://vuldb.com/?ip.5.230.73.37) | placeholder.noezserver.de | - | High
-16 | [5.230.73.234](https://vuldb.com/?ip.5.230.73.234) | - | - | High
-17 | [5.230.74.62](https://vuldb.com/?ip.5.230.74.62) | placeholder.noezserver.de | - | High
-18 | [5.230.74.81](https://vuldb.com/?ip.5.230.74.81) | - | - | High
-19 | [13.39.160.220](https://vuldb.com/?ip.13.39.160.220) | ec2-13-39-160-220.eu-west-3.compute.amazonaws.com | - | Medium
-20 | [13.49.57.110](https://vuldb.com/?ip.13.49.57.110) | ec2-13-49-57-110.eu-north-1.compute.amazonaws.com | - | Medium
-21 | [13.59.168.154](https://vuldb.com/?ip.13.59.168.154) | ec2-13-59-168-154.us-east-2.compute.amazonaws.com | - | Medium
-22 | [15.188.49.63](https://vuldb.com/?ip.15.188.49.63) | ec2-15-188-49-63.eu-west-3.compute.amazonaws.com | - | Medium
-23 | [16.162.137.220](https://vuldb.com/?ip.16.162.137.220) | ec2-16-162-137-220.ap-east-1.compute.amazonaws.com | - | Medium
-24 | [18.130.242.71](https://vuldb.com/?ip.18.130.242.71) | ec2-18-130-242-71.eu-west-2.compute.amazonaws.com | - | Medium
-25 | [18.144.70.39](https://vuldb.com/?ip.18.144.70.39) | ec2-18-144-70-39.us-west-1.compute.amazonaws.com | - | Medium
-26 | [18.159.131.20](https://vuldb.com/?ip.18.159.131.20) | ec2-18-159-131-20.eu-central-1.compute.amazonaws.com | - | Medium
-27 | [18.159.131.209](https://vuldb.com/?ip.18.159.131.209) | ec2-18-159-131-209.eu-central-1.compute.amazonaws.com | - | Medium
-28 | [18.204.17.193](https://vuldb.com/?ip.18.204.17.193) | ec2-18-204-17-193.compute-1.amazonaws.com | - | Medium
-29 | [18.221.191.129](https://vuldb.com/?ip.18.221.191.129) | ec2-18-221-191-129.us-east-2.compute.amazonaws.com | - | Medium
-30 | [23.94.56.154](https://vuldb.com/?ip.23.94.56.154) | 23-94-56-154-host.colocrossing.com | - | High
-31 | [23.106.223.117](https://vuldb.com/?ip.23.106.223.117) | - | - | High
-32 | [23.163.0.34](https://vuldb.com/?ip.23.163.0.34) | hehomeset.com | - | High
-33 | [23.163.0.51](https://vuldb.com/?ip.23.163.0.51) | good-jikmoon.electmum.com | - | High
-34 | [23.163.0.149](https://vuldb.com/?ip.23.163.0.149) | lyfb-000149.lyfbuz.com | - | High
-35 | [23.163.0.168](https://vuldb.com/?ip.23.163.0.168) | tech-000168.techydrov.com | - | High
-36 | [23.163.0.228](https://vuldb.com/?ip.23.163.0.228) | scary-pencil.fluentbeam.com | - | High
-37 | [23.163.0.241](https://vuldb.com/?ip.23.163.0.241) | way2-000241.way2moveis.com | - | High
-38 | [23.227.198.243](https://vuldb.com/?ip.23.227.198.243) | 23-227-198-243.static.hvvc.us | - | High
-39 | [23.229.117.247](https://vuldb.com/?ip.23.229.117.247) | - | - | High
-40 | [34.172.205.52](https://vuldb.com/?ip.34.172.205.52) | 52.205.172.34.bc.googleusercontent.com | - | Medium
-41 | [34.219.121.232](https://vuldb.com/?ip.34.219.121.232) | ec2-34-219-121-232.us-west-2.compute.amazonaws.com | - | Medium
-42 | [34.249.53.58](https://vuldb.com/?ip.34.249.53.58) | ec2-34-249-53-58.eu-west-1.compute.amazonaws.com | - | Medium
-43 | [35.157.43.44](https://vuldb.com/?ip.35.157.43.44) | ec2-35-157-43-44.eu-central-1.compute.amazonaws.com | - | Medium
-44 | [35.180.225.185](https://vuldb.com/?ip.35.180.225.185) | ec2-35-180-225-185.eu-west-3.compute.amazonaws.com | - | Medium
-45 | [35.181.59.201](https://vuldb.com/?ip.35.181.59.201) | ec2-35-181-59-201.eu-west-3.compute.amazonaws.com | - | Medium
-46 | [35.183.14.149](https://vuldb.com/?ip.35.183.14.149) | ec2-35-183-14-149.ca-central-1.compute.amazonaws.com | - | Medium
-47 | [37.220.31.17](https://vuldb.com/?ip.37.220.31.17) | aviation.metagroups.info | - | High
-48 | [37.220.31.54](https://vuldb.com/?ip.37.220.31.54) | d6.wve.futuristi-ccoding.com | - | High
-49 | [37.220.31.104](https://vuldb.com/?ip.37.220.31.104) | 10-4netw0rk.mynet.com.tr | - | High
-50 | [37.228.129.4](https://vuldb.com/?ip.37.228.129.4) | - | - | High
-51 | [37.235.54.42](https://vuldb.com/?ip.37.235.54.42) | 42.54.235.37.in-addr.arpa | - | High
-52 | [37.235.54.52](https://vuldb.com/?ip.37.235.54.52) | 52.54.235.37.in-addr.arpa | - | High
-53 | [37.235.54.81](https://vuldb.com/?ip.37.235.54.81) | 81.54.235.37.in-addr.arpa | - | High
-54 | [41.199.178.166](https://vuldb.com/?ip.41.199.178.166) | HOST-166-178.199.41.nile-online.net | - | High
-55 | [43.139.241.58](https://vuldb.com/?ip.43.139.241.58) | - | - | High
-56 | [43.155.77.226](https://vuldb.com/?ip.43.155.77.226) | - | - | High
-57 | [43.155.116.250](https://vuldb.com/?ip.43.155.116.250) | - | - | High
-58 | [44.212.9.14](https://vuldb.com/?ip.44.212.9.14) | ec2-44-212-9-14.compute-1.amazonaws.com | - | Medium
-59 | [44.212.18.9](https://vuldb.com/?ip.44.212.18.9) | ec2-44-212-18-9.compute-1.amazonaws.com | - | Medium
-60 | [45.9.150.132](https://vuldb.com/?ip.45.9.150.132) | - | - | High
-61 | [45.32.124.182](https://vuldb.com/?ip.45.32.124.182) | 45.32.124.182.vultrusercontent.com | - | High
-62 | [45.33.119.19](https://vuldb.com/?ip.45.33.119.19) | li1056-19.members.linode.com | - | High
-63 | [45.56.165.17](https://vuldb.com/?ip.45.56.165.17) | nordns.crowncloud.net | - | High
-64 | [45.61.136.152](https://vuldb.com/?ip.45.61.136.152) | - | - | High
-65 | [45.66.249.118](https://vuldb.com/?ip.45.66.249.118) | 7r277nw66g.shybeaveronline.com | - | High
-66 | [45.76.181.107](https://vuldb.com/?ip.45.76.181.107) | 45.76.181.107.vultrusercontent.com | - | High
-67 | [45.77.198.117](https://vuldb.com/?ip.45.77.198.117) | 45.77.198.117.vultrusercontent.com | - | High
-68 | [45.82.72.227](https://vuldb.com/?ip.45.82.72.227) | - | - | High
-69 | [45.86.163.228](https://vuldb.com/?ip.45.86.163.228) | - | - | High
-70 | [45.86.230.64](https://vuldb.com/?ip.45.86.230.64) | srv2.lg-c.net | - | High
-71 | [45.92.156.105](https://vuldb.com/?ip.45.92.156.105) | - | - | High
-72 | [45.114.129.150](https://vuldb.com/?ip.45.114.129.150) | hostedby.idfnv.net | - | High
-73 | [45.125.64.198](https://vuldb.com/?ip.45.125.64.198) | openisa.dealingdeals4us.info | - | High
-74 | [45.128.156.3](https://vuldb.com/?ip.45.128.156.3) | webfair.store | - | High
-75 | [45.128.156.10](https://vuldb.com/?ip.45.128.156.10) | frm3-zendable.com | - | High
-76 | [45.128.156.43](https://vuldb.com/?ip.45.128.156.43) | buyetcapp.store | - | High
-77 | [45.134.174.99](https://vuldb.com/?ip.45.134.174.99) | dedicated.vsys.host | - | High
-78 | [45.138.172.80](https://vuldb.com/?ip.45.138.172.80) | - | - | High
-79 | ... | ... | ... | ...
+7 | [5.104.80.155](https://vuldb.com/?ip.5.104.80.155) | vmi1303568.contaboserver.net | - | High
+8 | [5.161.51.212](https://vuldb.com/?ip.5.161.51.212) | static.212.51.161.5.clients.your-server.de | - | High
+9 | [5.183.95.20](https://vuldb.com/?ip.5.183.95.20) | eole.andesreader.com | - | High
+10 | [5.183.95.54](https://vuldb.com/?ip.5.183.95.54) | mail.trinityhht.store | - | High
+11 | [5.183.95.165](https://vuldb.com/?ip.5.183.95.165) | - | - | High
+12 | [5.188.6.118](https://vuldb.com/?ip.5.188.6.118) | subnet.local | - | High
+13 | [5.206.224.39](https://vuldb.com/?ip.5.206.224.39) | hostname | - | High
+14 | [5.230.67.2](https://vuldb.com/?ip.5.230.67.2) | - | - | High
+15 | [5.230.70.23](https://vuldb.com/?ip.5.230.70.23) | placeholder.noezserver.de | - | High
+16 | [5.230.72.245](https://vuldb.com/?ip.5.230.72.245) | - | - | High
+17 | [5.230.73.37](https://vuldb.com/?ip.5.230.73.37) | placeholder.noezserver.de | - | High
+18 | [5.230.73.234](https://vuldb.com/?ip.5.230.73.234) | - | - | High
+19 | [5.230.74.62](https://vuldb.com/?ip.5.230.74.62) | placeholder.noezserver.de | - | High
+20 | [5.230.74.81](https://vuldb.com/?ip.5.230.74.81) | - | - | High
+21 | [13.39.160.220](https://vuldb.com/?ip.13.39.160.220) | ec2-13-39-160-220.eu-west-3.compute.amazonaws.com | - | Medium
+22 | [13.49.57.110](https://vuldb.com/?ip.13.49.57.110) | ec2-13-49-57-110.eu-north-1.compute.amazonaws.com | - | Medium
+23 | [13.59.168.154](https://vuldb.com/?ip.13.59.168.154) | ec2-13-59-168-154.us-east-2.compute.amazonaws.com | - | Medium
+24 | [15.188.49.63](https://vuldb.com/?ip.15.188.49.63) | ec2-15-188-49-63.eu-west-3.compute.amazonaws.com | - | Medium
+25 | [16.162.137.220](https://vuldb.com/?ip.16.162.137.220) | ec2-16-162-137-220.ap-east-1.compute.amazonaws.com | - | Medium
+26 | [18.130.242.71](https://vuldb.com/?ip.18.130.242.71) | ec2-18-130-242-71.eu-west-2.compute.amazonaws.com | - | Medium
+27 | [18.144.70.39](https://vuldb.com/?ip.18.144.70.39) | ec2-18-144-70-39.us-west-1.compute.amazonaws.com | - | Medium
+28 | [18.159.131.20](https://vuldb.com/?ip.18.159.131.20) | ec2-18-159-131-20.eu-central-1.compute.amazonaws.com | - | Medium
+29 | [18.159.131.209](https://vuldb.com/?ip.18.159.131.209) | ec2-18-159-131-209.eu-central-1.compute.amazonaws.com | - | Medium
+30 | [18.191.133.139](https://vuldb.com/?ip.18.191.133.139) | ec2-18-191-133-139.us-east-2.compute.amazonaws.com | - | Medium
+31 | [18.204.17.193](https://vuldb.com/?ip.18.204.17.193) | ec2-18-204-17-193.compute-1.amazonaws.com | - | Medium
+32 | [18.221.191.129](https://vuldb.com/?ip.18.221.191.129) | ec2-18-221-191-129.us-east-2.compute.amazonaws.com | - | Medium
+33 | [23.94.56.154](https://vuldb.com/?ip.23.94.56.154) | 23-94-56-154-host.colocrossing.com | - | High
+34 | [23.106.223.117](https://vuldb.com/?ip.23.106.223.117) | - | - | High
+35 | [23.163.0.34](https://vuldb.com/?ip.23.163.0.34) | hehomeset.com | - | High
+36 | [23.163.0.51](https://vuldb.com/?ip.23.163.0.51) | good-jikmoon.electmum.com | - | High
+37 | [23.163.0.149](https://vuldb.com/?ip.23.163.0.149) | lyfb-000149.lyfbuz.com | - | High
+38 | [23.163.0.168](https://vuldb.com/?ip.23.163.0.168) | tech-000168.techydrov.com | - | High
+39 | [23.163.0.228](https://vuldb.com/?ip.23.163.0.228) | scary-pencil.fluentbeam.com | - | High
+40 | [23.163.0.241](https://vuldb.com/?ip.23.163.0.241) | way2-000241.way2moveis.com | - | High
+41 | [23.227.198.243](https://vuldb.com/?ip.23.227.198.243) | 23-227-198-243.static.hvvc.us | - | High
+42 | [23.229.117.247](https://vuldb.com/?ip.23.229.117.247) | - | - | High
+43 | [34.172.205.52](https://vuldb.com/?ip.34.172.205.52) | 52.205.172.34.bc.googleusercontent.com | - | Medium
+44 | [34.219.121.232](https://vuldb.com/?ip.34.219.121.232) | ec2-34-219-121-232.us-west-2.compute.amazonaws.com | - | Medium
+45 | [34.249.53.58](https://vuldb.com/?ip.34.249.53.58) | ec2-34-249-53-58.eu-west-1.compute.amazonaws.com | - | Medium
+46 | [35.157.43.44](https://vuldb.com/?ip.35.157.43.44) | ec2-35-157-43-44.eu-central-1.compute.amazonaws.com | - | Medium
+47 | [35.180.225.185](https://vuldb.com/?ip.35.180.225.185) | ec2-35-180-225-185.eu-west-3.compute.amazonaws.com | - | Medium
+48 | [35.181.59.201](https://vuldb.com/?ip.35.181.59.201) | ec2-35-181-59-201.eu-west-3.compute.amazonaws.com | - | Medium
+49 | [35.183.14.149](https://vuldb.com/?ip.35.183.14.149) | ec2-35-183-14-149.ca-central-1.compute.amazonaws.com | - | Medium
+50 | [37.220.31.17](https://vuldb.com/?ip.37.220.31.17) | aviation.metagroups.info | - | High
+51 | [37.220.31.54](https://vuldb.com/?ip.37.220.31.54) | d6.wve.futuristi-ccoding.com | - | High
+52 | [37.220.31.104](https://vuldb.com/?ip.37.220.31.104) | 10-4netw0rk.mynet.com.tr | - | High
+53 | [37.228.129.4](https://vuldb.com/?ip.37.228.129.4) | - | - | High
+54 | [37.235.54.42](https://vuldb.com/?ip.37.235.54.42) | 42.54.235.37.in-addr.arpa | - | High
+55 | [37.235.54.52](https://vuldb.com/?ip.37.235.54.52) | 52.54.235.37.in-addr.arpa | - | High
+56 | [37.235.54.81](https://vuldb.com/?ip.37.235.54.81) | 81.54.235.37.in-addr.arpa | - | High
+57 | [41.199.178.166](https://vuldb.com/?ip.41.199.178.166) | HOST-166-178.199.41.nile-online.net | - | High
+58 | [43.139.241.58](https://vuldb.com/?ip.43.139.241.58) | - | - | High
+59 | [43.155.77.226](https://vuldb.com/?ip.43.155.77.226) | - | - | High
+60 | [43.155.116.250](https://vuldb.com/?ip.43.155.116.250) | - | - | High
+61 | [43.239.158.5](https://vuldb.com/?ip.43.239.158.5) | - | - | High
+62 | [44.212.9.14](https://vuldb.com/?ip.44.212.9.14) | ec2-44-212-9-14.compute-1.amazonaws.com | - | Medium
+63 | [44.212.18.9](https://vuldb.com/?ip.44.212.18.9) | ec2-44-212-18-9.compute-1.amazonaws.com | - | Medium
+64 | [45.9.150.132](https://vuldb.com/?ip.45.9.150.132) | - | - | High
+65 | [45.32.124.182](https://vuldb.com/?ip.45.32.124.182) | 45.32.124.182.vultrusercontent.com | - | High
+66 | [45.33.119.19](https://vuldb.com/?ip.45.33.119.19) | li1056-19.members.linode.com | - | High
+67 | [45.56.165.17](https://vuldb.com/?ip.45.56.165.17) | nordns.crowncloud.net | - | High
+68 | [45.61.136.152](https://vuldb.com/?ip.45.61.136.152) | - | - | High
+69 | [45.66.249.118](https://vuldb.com/?ip.45.66.249.118) | 7r277nw66g.shybeaveronline.com | - | High
+70 | [45.76.181.107](https://vuldb.com/?ip.45.76.181.107) | 45.76.181.107.vultrusercontent.com | - | High
+71 | [45.77.198.117](https://vuldb.com/?ip.45.77.198.117) | 45.77.198.117.vultrusercontent.com | - | High
+72 | [45.82.72.227](https://vuldb.com/?ip.45.82.72.227) | - | - | High
+73 | [45.86.163.228](https://vuldb.com/?ip.45.86.163.228) | - | - | High
+74 | [45.86.230.64](https://vuldb.com/?ip.45.86.230.64) | srv2.lg-c.net | - | High
+75 | [45.92.156.105](https://vuldb.com/?ip.45.92.156.105) | - | - | High
+76 | [45.114.129.150](https://vuldb.com/?ip.45.114.129.150) | hostedby.idfnv.net | - | High
+77 | [45.125.64.198](https://vuldb.com/?ip.45.125.64.198) | openisa.dealingdeals4us.info | - | High
+78 | [45.128.156.3](https://vuldb.com/?ip.45.128.156.3) | webfair.store | - | High
+79 | [45.128.156.10](https://vuldb.com/?ip.45.128.156.10) | frm3-zendable.com | - | High
+80 | [45.128.156.43](https://vuldb.com/?ip.45.128.156.43) | buyetcapp.store | - | High
+81 | ... | ... | ... | ...

-There are 311 more IOC items available. Please use our online service to access the data.
+There are 318 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -161,7 +163,7 @@ ID | Type | Indicator | Confidence
 34 | File | `/wp-content/plugins/updraftplus/admin.php` | High
 35 | ... | ... | ...

-There are 302 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 304 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

@ -190,6 +192,8 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b58b9ebe1f519edc160ec4f56d5522caa4596230257ec75d82d93b9cfaec0c63%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b69fe3fbfcc457757958858ba0e0a6b57bad342ba6457860bd3bea89f2301328%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22b79d78b5f597cc5cfcab400f6b1abcf095fc275b8dc9640ea193f2138f53c9d5%22
+* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22bb05049bfe26b30bcb6c0842a1dc6d8c3b71f0b41dd778ac6c76eaf74a620483%22
+* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22bba2e2f6a311fe3c985a856a2097eb0195059fba544e7acd172a38369e1d4cbe%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22bbf66c82e1241be64fa8dc5412836020a4caa42dd9623b2a2dd04ddee84a8a8b%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22bd45f98bb186047667196c558d28d54eab8e6980011311c2dcb9c9031eb9c2a1%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22beb4ecb5ac0bc50fcff87b5b360e935ddbee3f9207bf97c2b87b624063e8ae3a%22
@ -212,6 +216,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22cd155b015ea2e8d4b4ad255bde80522605cce7dd45e63a553da19eb40f4ba164%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22cd274fe56f25f49fa8b2108e8692611aed1eff06908b1929b13701a7b8121757%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22d0a1ce295d8cb17121c2d53fc57720071168552b851cb8dcb48d0d8291d19495%22
+* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22d2e05d4f95be739ccf38400ec3bff07850d45694b409919f7ffeeb2e045ad739%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22d62e30b1ad3e4a5e6af1f3e0451ee6432c7949b73751d3a456be5b40c13a447e%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22d360ecb50280e8747808acda5f0e2bc9f7e29f4b60576af14284ec6aa87f676b%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22dbddfe3e7c9f992b12a776387ec36baef4689c90e76e70c32f5742fca707cf07%22
@ -245,6 +250,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22fdffacdd96db3eb4c84ea257e4ecdfd2c18ccf184804e78315545be0026314b7%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%220b5b4b77e76fc323debdd6b60e05ce3c80d6d305512fd066259e25e7b91bb3b2%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%220bed903c9b43242ce2bf776bc1f8b826a47442ec472bf28e3d300221d45e5631%22
+* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%220e7705888a9000b0a2c8ca2a4846d890920d19bd6af9c50fb34668b4673f54c7%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%220ebaabf79ecaccb878e0ecc68b6c868ef047ac8735a3347ff892c3420b47803f%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%221af6ae62dca201286d4b11ee20fd1e8dcf343d2e8500de51f9175bcf3d12e06f%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%221bd713b603ea09badad645fd38c8e9f75629d122cd81fcecd00ab2a5933feeea%22
@ -260,12 +266,14 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%224cf314b141acb1f2cf2a4a88d39e1d6aa7c8bda40fb44edf5c33850416bea988%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%224da0d71509226e8aed9a04e389b2a78fedd527469c1c429c634ab821d9b8ec65%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%225b36c58791e18728d53b05f27abc88b93724c4ce08c3f62c749c5e563da82a14%22
+* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%225c4b8f572f297bb98b1d2e47075aec68b3b9da1fb76606e07d8176edbe1338c8%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%225d5ff125ad48581ab86d75669d2ca79c1e02de1be746508c5cdcf767fd6b1eb0%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%226a80cb5adacc61a445d3b1962a79ed40adb62e4eaddebea7131ddbc2bfebf108%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%226a93688d69aeab73fb28239f0b7ccb8b15ef876d6b134c379ae36a2526d29d83%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%226a165551d34f38fd44b9fb1949685d14cc36220c99e0e6b05db8907229f7182d%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%226af642c2cf73c24aded656e3945810dca3c5d51c28b3c7d28852463c98e76e4c%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%226b401e864cf63c438779b4935499f28f2f26dd685af330f311c9a80d55f6d7b5%22
+* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%226b5706c23d2c44d23360638793012e5df95c88f8408ad93c71113719f9ef02a2%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%226c6d464110a46f813722131e8cce268bdccfdfeb705ce25fcc51cabe0b88c8e4%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%226cbb0cef1838f2b253613796470b7fcc3cd4453d3f5be8220aeda52f383fb781%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%226d64edc2a8867b924b85d762657e103ad3338e1bd40b3ffca92633df41e9003e%22
@ -309,10 +317,13 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2296cce5f34ad1dac4100822fa1f8e4ed96d06a9aa08f98ded27891eeec656d4f7%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2298af871908ffc7c141802d96f585def4a160491c875118ef88c545ce04194cd8%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%2299b3f3b85d0fc68918abbde16579009b2ebae3300d633fd0ed81d96ba98a38d8%22
+* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22097cd9f2c1af35f7dd632fe16f83b9b3aef51e78f1b4393047c499ebb2be2fda%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22108f811bc2de45a7dab2156c4617ce3fa42cf3eb5abb72759839a63cefec4cad%22
+* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22225ec72ef1adf4ab077107adb2784c35ff1c0db1c0a8efcba78c3cadac4a47a8%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22354c6d8d9033668867406be1bb6238647e207cb5f2de6a776ae3d461637efa8e%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22409e50ae1c3f70cf81350be6f3cd218b0c9ef15eb03439c15d53a6012bddae2f%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22432ed1ee42746631cefc6d8a69c3ff06ce34c5540437c228a49a4c1c0eb3928a%22
+* https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22451acafcf7fbfdfa0c79d0fba2e749a795e2fb0dff66e2a70ace01cd242ff4d4%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22465b0d83b7e5e1426d3adf546c9496d63c1a6116364af2be294da83699033b4f%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22467e9ded44012e1bec85365276e90fdde7a7cd5fc459f180e2a89355a3a989bb%22
 * https://search.censys.io/search?resource=hosts&q=services.certificate%3A%22479e1f86c7200a3dc99742937c7db6f9fb75f4ee3a8bd42ad17e8132091982f3%22
--- a/actors/Bioload/README.md
+++ b/actors/Bioload/README.md
@ -0,0 +1,30 @@
+# Bioload - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Bioload](https://vuldb.com/?actor.bioload). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.bioload](https://vuldb.com/?actor.bioload)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Bioload.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [6.43.51.17](https://vuldb.com/?ip.6.43.51.17) | - | - | High
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.fortinet.com/blog/threat-research/bioload-fin7-boostwrite-lost-twin.html
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/Basta/README.md
+++ b/Basta/README.md
@ -104,34 +104,34 @@ ID | Type | Indicator | Confidence
 34 | File | `/websocket/exec` | High
 35 | File | `access.conf` | Medium
 36 | File | `adclick.php` | Medium
-37 | File | `admin.php` | Medium
-38 | File | `admin.php?m=backup&c=backup&a=doback` | High
-39 | File | `admin.remository.php` | High
-40 | File | `admin/admin_users.php` | High
-41 | File | `admin/login.php` | High
-42 | File | `admin/upload.php` | High
-43 | File | `administers` | Medium
-44 | File | `Administrator_list.php` | High
-45 | File | `advancedsetup_websiteblocking.html` | High
-46 | File | `affich.php` | Medium
-47 | File | `ajax_mail_autoreply.php` | High
-48 | File | `ajax_save_name.php` | High
-49 | File | `album_portal.php` | High
-50 | File | `allocator.cc` | Medium
-51 | File | `announcements.php` | High
-52 | File | `ap1.com` | Low
-53 | File | `apache2/modsecurity.c` | High
-54 | File | `api_jsonrpc.php` | High
-55 | File | `app/admin/controller/Ajax.php` | High
-56 | File | `App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf` | High
-57 | File | `application.php` | High
-58 | File | `apply.cgi` | Medium
-59 | File | `asp:.jpg` | Medium
-60 | File | `authfiles/login.asp` | High
-61 | File | `bb_usage_stats.php` | High
+37 | File | `addsuppliers.php` | High
+38 | File | `admin.php` | Medium
+39 | File | `admin.php?m=backup&c=backup&a=doback` | High
+40 | File | `admin.remository.php` | High
+41 | File | `admin/admin_users.php` | High
+42 | File | `admin/login.php` | High
+43 | File | `admin/upload.php` | High
+44 | File | `administers` | Medium
+45 | File | `Administrator_list.php` | High
+46 | File | `advancedsetup_websiteblocking.html` | High
+47 | File | `affich.php` | Medium
+48 | File | `ajax_mail_autoreply.php` | High
+49 | File | `ajax_save_name.php` | High
+50 | File | `album_portal.php` | High
+51 | File | `allocator.cc` | Medium
+52 | File | `announcements.php` | High
+53 | File | `ap1.com` | Low
+54 | File | `apache2/modsecurity.c` | High
+55 | File | `api_jsonrpc.php` | High
+56 | File | `app/admin/controller/Ajax.php` | High
+57 | File | `App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf` | High
+58 | File | `application.php` | High
+59 | File | `apply.cgi` | Medium
+60 | File | `asp:.jpg` | Medium
+61 | File | `authfiles/login.asp` | High
 62 | ... | ... | ...

-There are 545 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 547 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/C4/README.md
+++ b/C4/README.md
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [GB](https://vuldb.com/?country.gb)
 * ...

-There are 24 more country items available. Please use our online service to access the data.
+There are 25 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -42,21 +42,22 @@ ID | IP address | Hostname | Campaign | Confidence
 19 | [18.134.141.72](https://vuldb.com/?ip.18.134.141.72) | ec2-18-134-141-72.eu-west-2.compute.amazonaws.com | - | Medium
 20 | [18.163.6.122](https://vuldb.com/?ip.18.163.6.122) | ec2-18-163-6-122.ap-east-1.compute.amazonaws.com | - | Medium
 21 | [18.176.20.234](https://vuldb.com/?ip.18.176.20.234) | ec2-18-176-20-234.ap-northeast-1.compute.amazonaws.com | - | Medium
-22 | [18.177.226.88](https://vuldb.com/?ip.18.177.226.88) | ec2-18-177-226-88.ap-northeast-1.compute.amazonaws.com | - | Medium
-23 | [18.178.244.246](https://vuldb.com/?ip.18.178.244.246) | ec2-18-178-244-246.ap-northeast-1.compute.amazonaws.com | - | Medium
-24 | [18.182.126.252](https://vuldb.com/?ip.18.182.126.252) | ec2-18-182-126-252.ap-northeast-1.compute.amazonaws.com | - | Medium
-25 | [18.188.54.77](https://vuldb.com/?ip.18.188.54.77) | ec2-18-188-54-77.us-east-2.compute.amazonaws.com | - | Medium
-26 | [18.208.87.99](https://vuldb.com/?ip.18.208.87.99) | ec2-18-208-87-99.compute-1.amazonaws.com | - | Medium
-27 | [18.217.179.8](https://vuldb.com/?ip.18.217.179.8) | ec2-18-217-179-8.us-east-2.compute.amazonaws.com | - | Medium
-28 | [18.236.92.31](https://vuldb.com/?ip.18.236.92.31) | ec2-18-236-92-31.us-west-2.compute.amazonaws.com | - | Medium
-29 | [23.254.167.32](https://vuldb.com/?ip.23.254.167.32) | hwsrv-1075866.hostwindsdns.com | - | High
-30 | [31.42.189.61](https://vuldb.com/?ip.31.42.189.61) | caponystmodo.live | - | High
-31 | [31.184.198.83](https://vuldb.com/?ip.31.184.198.83) | - | - | High
-32 | [34.195.122.225](https://vuldb.com/?ip.34.195.122.225) | ec2-34-195-122-225.compute-1.amazonaws.com | - | Medium
-33 | [34.206.147.4](https://vuldb.com/?ip.34.206.147.4) | ec2-34-206-147-4.compute-1.amazonaws.com | - | Medium
-34 | ... | ... | ... | ...
+22 | [18.176.35.161](https://vuldb.com/?ip.18.176.35.161) | ec2-18-176-35-161.ap-northeast-1.compute.amazonaws.com | - | Medium
+23 | [18.177.226.88](https://vuldb.com/?ip.18.177.226.88) | ec2-18-177-226-88.ap-northeast-1.compute.amazonaws.com | - | Medium
+24 | [18.178.244.246](https://vuldb.com/?ip.18.178.244.246) | ec2-18-178-244-246.ap-northeast-1.compute.amazonaws.com | - | Medium
+25 | [18.182.126.252](https://vuldb.com/?ip.18.182.126.252) | ec2-18-182-126-252.ap-northeast-1.compute.amazonaws.com | - | Medium
+26 | [18.188.54.77](https://vuldb.com/?ip.18.188.54.77) | ec2-18-188-54-77.us-east-2.compute.amazonaws.com | - | Medium
+27 | [18.208.87.99](https://vuldb.com/?ip.18.208.87.99) | ec2-18-208-87-99.compute-1.amazonaws.com | - | Medium
+28 | [18.217.179.8](https://vuldb.com/?ip.18.217.179.8) | ec2-18-217-179-8.us-east-2.compute.amazonaws.com | - | Medium
+29 | [18.236.92.31](https://vuldb.com/?ip.18.236.92.31) | ec2-18-236-92-31.us-west-2.compute.amazonaws.com | - | Medium
+30 | [23.254.167.32](https://vuldb.com/?ip.23.254.167.32) | hwsrv-1075866.hostwindsdns.com | - | High
+31 | [31.42.189.61](https://vuldb.com/?ip.31.42.189.61) | caponystmodo.live | - | High
+32 | [31.184.198.83](https://vuldb.com/?ip.31.184.198.83) | - | - | High
+33 | [34.195.122.225](https://vuldb.com/?ip.34.195.122.225) | ec2-34-195-122-225.compute-1.amazonaws.com | - | Medium
+34 | [34.206.147.4](https://vuldb.com/?ip.34.206.147.4) | ec2-34-206-147-4.compute-1.amazonaws.com | - | Medium
+35 | ... | ... | ... | ...

-There are 132 more IOC items available. Please use our online service to access the data.
+There are 134 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -89,67 +90,64 @@ ID | Type | Indicator | Confidence
 8 | File | `/admin/userprofile.php` | High
 9 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
 10 | File | `/adms/admin/?page=vehicles/view_transaction` | High
-11 | File | `/apilog.php` | Medium
-12 | File | `/APR/login.php` | High
-13 | File | `/bin/httpd` | Medium
-14 | File | `/cgi-bin/wapopen` | High
-15 | File | `/dev/block/mmcblk0rpmb` | High
-16 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
-17 | File | `/face-recognition-php/facepay-master/camera.php` | High
-18 | File | `/feeds/post/publish` | High
-19 | File | `/forum/away.php` | High
-20 | File | `/fos/admin/ajax.php?action=login` | High
-21 | File | `/fos/admin/index.php?page=menu` | High
-22 | File | `/home/masterConsole` | High
-23 | File | `/home/sendBroadcast` | High
-24 | File | `/hrm/employeeadd.php` | High
-25 | File | `/hrm/employeeview.php` | High
-26 | File | `/inc/jquery/uploadify/uploadify.php` | High
-27 | File | `/index.php` | Medium
-28 | File | `/index.php?app=main&func=passport&action=login` | High
-29 | File | `/index.php?page=category_list` | High
-30 | File | `/items/view_item.php` | High
-31 | File | `/jobinfo/` | Medium
-32 | File | `/jsoa/hntdCustomDesktopActionContent` | High
-33 | File | `/lookin/info` | Medium
-34 | File | `/medical/inventories.php` | High
-35 | File | `/modules/profile/index.php` | High
-36 | File | `/modules/public/calendar.php` | High
-37 | File | `/Moosikay/order.php` | High
-38 | File | `/mygym/admin/index.php?view_exercises` | High
-39 | File | `/newsDia.php` | Medium
-40 | File | `/opac/Actions.php?a=login` | High
-41 | File | `/out.php` | Medium
-42 | File | `/php-opos/index.php` | High
-43 | File | `/PreviewHandler.ashx` | High
-44 | File | `/proxy` | Low
-45 | File | `/public/launchNewWindow.jsp` | High
-46 | File | `/Redcock-Farm/farm/category.php` | High
-47 | File | `/reports/rwservlet` | High
-48 | File | `/reservation/add_message.php` | High
-49 | File | `/spip.php` | Medium
-50 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
-51 | File | `/staff/bookdetails.php` | High
-52 | File | `/uncpath/` | Medium
-53 | File | `/user/updatePwd` | High
-54 | File | `/user/update_booking.php` | High
-55 | File | `/wireless/security.asp` | High
-56 | File | `/wp-admin/admin-ajax.php` | High
-57 | File | `01article.php` | High
-58 | File | `a-forms.php` | Medium
-59 | File | `AbstractScheduleJob.java` | High
-60 | File | `actionphp/download.File.php` | High
-61 | File | `activenews_view.asp` | High
-62 | File | `adclick.php` | Medium
-63 | File | `admin.a6mambocredits.php` | High
-64 | File | `admin.cropcanvas.php` | High
-65 | File | `admin.php` | Medium
-66 | File | `admin/abc.php` | High
-67 | File | `admin/admin.php?action=users&mode=info&user=2` | High
-68 | File | `admin/admin/adminsave.html` | High
-69 | ... | ... | ...
+11 | File | `/APR/login.php` | High
+12 | File | `/bin/httpd` | Medium
+13 | File | `/cgi-bin/wapopen` | High
+14 | File | `/dev/block/mmcblk0rpmb` | High
+15 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
+16 | File | `/face-recognition-php/facepay-master/camera.php` | High
+17 | File | `/feeds/post/publish` | High
+18 | File | `/forum/away.php` | High
+19 | File | `/fos/admin/ajax.php?action=login` | High
+20 | File | `/fos/admin/index.php?page=menu` | High
+21 | File | `/home/masterConsole` | High
+22 | File | `/home/sendBroadcast` | High
+23 | File | `/hrm/employeeadd.php` | High
+24 | File | `/hrm/employeeview.php` | High
+25 | File | `/inc/jquery/uploadify/uploadify.php` | High
+26 | File | `/index.php?app=main&func=passport&action=login` | High
+27 | File | `/index.php?page=category_list` | High
+28 | File | `/jobinfo/` | Medium
+29 | File | `/jsoa/hntdCustomDesktopActionContent` | High
+30 | File | `/lookin/info` | Medium
+31 | File | `/Moosikay/order.php` | High
+32 | File | `/mygym/admin/index.php?view_exercises` | High
+33 | File | `/opac/Actions.php?a=login` | High
+34 | File | `/out.php` | Medium
+35 | File | `/php-opos/index.php` | High
+36 | File | `/PreviewHandler.ashx` | High
+37 | File | `/proxy` | Low
+38 | File | `/public/launchNewWindow.jsp` | High
+39 | File | `/Redcock-Farm/farm/category.php` | High
+40 | File | `/reports/rwservlet` | High
+41 | File | `/reservation/add_message.php` | High
+42 | File | `/spip.php` | Medium
+43 | File | `/uncpath/` | Medium
+44 | File | `/uploads/exam_question/` | High
+45 | File | `/user/updatePwd` | High
+46 | File | `/user/update_booking.php` | High
+47 | File | `/var/lib/docker/<remapping>` | High
+48 | File | `/wireless/security.asp` | High
+49 | File | `/wp-admin/admin-ajax.php` | High
+50 | File | `01article.php` | High
+51 | File | `a-forms.php` | Medium
+52 | File | `AbstractScheduleJob.java` | High
+53 | File | `actionphp/download.File.php` | High
+54 | File | `activenews_view.asp` | High
+55 | File | `adclick.php` | Medium
+56 | File | `admin.a6mambocredits.php` | High
+57 | File | `admin.cropcanvas.php` | High
+58 | File | `admin.php` | Medium
+59 | File | `admin/abc.php` | High
+60 | File | `admin/admin.php?action=users&mode=info&user=2` | High
+61 | File | `admin/admin/adminsave.html` | High
+62 | File | `admin/asset/grid-proxy` | High
+63 | File | `admin/auditTrail.jsf` | High
+64 | File | `admin/conf_users_edit.php` | High
+65 | File | `admin/disapprove_user.php` | High
+66 | ... | ... | ...

-There are 603 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 574 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

@ -170,6 +168,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/18.134.141.72
 * https://search.censys.io/hosts/18.163.6.122
 * https://search.censys.io/hosts/18.176.20.234
+* https://search.censys.io/hosts/18.176.35.161
 * https://search.censys.io/hosts/18.177.226.88
 * https://search.censys.io/hosts/18.178.244.246
 * https://search.censys.io/hosts/18.182.126.252
@ -188,6 +187,8 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/37.119.57.169
 * https://search.censys.io/hosts/37.119.57.195
 * https://search.censys.io/hosts/43.207.8.102
+* https://search.censys.io/hosts/47.252.28.13
+* https://search.censys.io/hosts/50.16.83.73
 * https://search.censys.io/hosts/50.116.29.40
 * https://search.censys.io/hosts/51.77.112.254
 * https://search.censys.io/hosts/52.68.31.77
--- a/actors/Carbanak/README.md
+++ b/actors/Carbanak/README.md
@ -130,7 +130,7 @@ ID | Type | Indicator | Confidence
 40 | File | `admin.php` | Medium
 41 | ... | ... | ...

-There are 353 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 357 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/Clop/README.md
+++ b/actors/Clop/README.md
@ -0,0 +1,30 @@
+# Clop - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Clop](https://vuldb.com/?actor.clop). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.clop](https://vuldb.com/?actor.clop)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Clop.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [3.29.17.1](https://vuldb.com/?ip.3.29.17.1) | ec2-3-29-17-1.me-central-1.compute.amazonaws.com | - | Medium
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.bleepingcomputer.com/news/security/clop-ransomware-tries-to-disable-windows-defender-malwarebytes/
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/Group/README.md
+++ b/Group/README.md
@ -63,40 +63,40 @@ ID | Type | Indicator | Confidence
 11 | File | `/admin/sign/out` | High
 12 | File | `/api/common/ping` | High
 13 | File | `/api/v2/open/tablesInfo` | High
-14 | File | `/asms/classes/Master.php?f=delete_img` | High
-15 | File | `/catcompany.php` | High
-16 | File | `/classes/Master.php?f=delete_appointment` | High
-17 | File | `/classes/Users.php` | High
-18 | File | `/cms/notify` | Medium
-19 | File | `/depotHead/list` | High
-20 | File | `/device/signin` | High
-21 | File | `/fusiondirectory/index.php` | High
-22 | File | `/goform/addressNat` | High
-23 | File | `/goform/fast_setting_wifi_set` | High
-24 | File | `/goform/RGFirewallEL` | High
-25 | File | `/goform/WifiBasicSet` | High
-26 | File | `/HNAP1` | Low
-27 | File | `/hslist` | Low
-28 | File | `/js/player/dmplayer/dmku/index.php` | High
-29 | File | `/lists/admin/` | High
-30 | File | `/login/index.php` | High
-31 | File | `/multi-vendor-shopping-script/product-list.php` | High
-32 | File | `/myAccount` | Medium
-33 | File | `/note/index/delete` | High
-34 | File | `/operations/travellers.php` | High
-35 | File | `/php-sms/admin/orders/update_status.php` | High
-36 | File | `/php-sms/classes/Master.php?f=delete_service` | High
-37 | File | `/public/launchNewWindow.jsp` | High
-38 | File | `/release-x64/otfccdump+0x6b6a8f` | High
-39 | File | `/release-x64/otfccdump+0x6e7e3d` | High
-40 | File | `/release-x64/otfccdump+0x6e41a8` | High
+14 | File | `/api/wechat/app_auth` | High
+15 | File | `/asms/classes/Master.php?f=delete_img` | High
+16 | File | `/catcompany.php` | High
+17 | File | `/classes/Master.php?f=delete_appointment` | High
+18 | File | `/classes/Users.php` | High
+19 | File | `/cms/notify` | Medium
+20 | File | `/depotHead/list` | High
+21 | File | `/device/signin` | High
+22 | File | `/fusiondirectory/index.php` | High
+23 | File | `/goform/addressNat` | High
+24 | File | `/goform/fast_setting_wifi_set` | High
+25 | File | `/goform/RGFirewallEL` | High
+26 | File | `/goform/WifiBasicSet` | High
+27 | File | `/HNAP1` | Low
+28 | File | `/hslist` | Low
+29 | File | `/js/player/dmplayer/dmku/index.php` | High
+30 | File | `/lists/admin/` | High
+31 | File | `/login/index.php` | High
+32 | File | `/multi-vendor-shopping-script/product-list.php` | High
+33 | File | `/myAccount` | Medium
+34 | File | `/note/index/delete` | High
+35 | File | `/operations/travellers.php` | High
+36 | File | `/php-sms/admin/orders/update_status.php` | High
+37 | File | `/php-sms/classes/Master.php?f=delete_service` | High
+38 | File | `/public/launchNewWindow.jsp` | High
+39 | File | `/release-x64/otfccdump+0x6b6a8f` | High
+40 | File | `/release-x64/otfccdump+0x6e7e3d` | High
 41 | File | `/rukovoditel/index.php?module=users/login` | High
 42 | File | `/SVFE2/pages/feegroups/mcc_group.jsf` | High
 43 | File | `/sys/duplicate/check` | High
 44 | File | `/timeline2.php` | High
 45 | ... | ... | ...

-There are 391 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 390 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/Strike/README.md
+++ b/Strike/README.md
--- a/actors/DCRat/README.md
+++ b/actors/DCRat/README.md
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with DCRat:

 * [CN](https://vuldb.com/?country.cn)
-* [PL](https://vuldb.com/?country.pl)
 * [US](https://vuldb.com/?country.us)
+* [RU](https://vuldb.com/?country.ru)
 * ...

-There are 9 more country items available. Please use our online service to access the data.
+There are 11 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -25,18 +25,20 @@ ID | IP address | Hostname | Campaign | Confidence
 2 | [1.242.139.44](https://vuldb.com/?ip.1.242.139.44) | - | - | High
 3 | [5.135.83.205](https://vuldb.com/?ip.5.135.83.205) | 5-135-83-205.asyx.ru | - | High
 4 | [5.178.3.191](https://vuldb.com/?ip.5.178.3.191) | - | - | High
-5 | [20.223.128.97](https://vuldb.com/?ip.20.223.128.97) | - | - | High
-6 | [43.243.111.229](https://vuldb.com/?ip.43.243.111.229) | - | - | High
-7 | [45.77.34.211](https://vuldb.com/?ip.45.77.34.211) | 45.77.34.211.vultrusercontent.com | - | High
-8 | [45.95.19.170](https://vuldb.com/?ip.45.95.19.170) | - | - | High
-9 | [45.95.19.172](https://vuldb.com/?ip.45.95.19.172) | - | - | High
-10 | [45.95.19.173](https://vuldb.com/?ip.45.95.19.173) | - | - | High
-11 | [45.95.19.174](https://vuldb.com/?ip.45.95.19.174) | - | - | High
-12 | [45.140.147.214](https://vuldb.com/?ip.45.140.147.214) | vm1329418.stark-industries.solutions | - | High
-13 | [46.149.77.33](https://vuldb.com/?ip.46.149.77.33) | v1874993.hosted-by-vdsina.ru | - | High
-14 | ... | ... | ... | ...
+5 | [20.216.178.113](https://vuldb.com/?ip.20.216.178.113) | - | - | High
+6 | [20.223.128.97](https://vuldb.com/?ip.20.223.128.97) | - | - | High
+7 | [34.92.66.146](https://vuldb.com/?ip.34.92.66.146) | 146.66.92.34.bc.googleusercontent.com | - | Medium
+8 | [40.87.50.159](https://vuldb.com/?ip.40.87.50.159) | - | - | High
+9 | [43.243.111.229](https://vuldb.com/?ip.43.243.111.229) | - | - | High
+10 | [45.77.34.211](https://vuldb.com/?ip.45.77.34.211) | 45.77.34.211.vultrusercontent.com | - | High
+11 | [45.95.19.170](https://vuldb.com/?ip.45.95.19.170) | - | - | High
+12 | [45.95.19.172](https://vuldb.com/?ip.45.95.19.172) | - | - | High
+13 | [45.95.19.173](https://vuldb.com/?ip.45.95.19.173) | - | - | High
+14 | [45.95.19.174](https://vuldb.com/?ip.45.95.19.174) | - | - | High
+15 | [45.140.147.214](https://vuldb.com/?ip.45.140.147.214) | vm1329418.stark-industries.solutions | - | High
+16 | ... | ... | ... | ...

-There are 52 more IOC items available. Please use our online service to access the data.
+There are 59 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -45,13 +47,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
-2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
+2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...

-There are 20 more TTP items available. Please use our online service to access the data.
+There are 22 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -59,54 +61,60 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic

 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
-2 | File | `/adfs/ls` | Medium
-3 | File | `/admin/access` | High
-4 | File | `/admin/ajax/avatar.php` | High
-5 | File | `/admin/inventory/manage_stock.php` | High
-6 | File | `/admin/media/upload` | High
-7 | File | `/admin/options` | High
-8 | File | `/admin/show.php` | High
-9 | File | `/api/blade-log/api/list` | High
-10 | File | `/api/RecordingList/download` | High
-11 | File | `/Applications/Calculator.app/Contents/MacOS/Calculator` | High
-12 | File | `/batm/app/admin/standalone/deployments` | High
-13 | File | `/cgi-bin/go` | Medium
-14 | File | `/cgi-bin/webproc` | High
-15 | File | `/classes/conf/db.properties&config=filemanager.config.js` | High
-16 | File | `/common/info.cgi` | High
-17 | File | `/etc` | Low
-18 | File | `/exec/` | Low
-19 | File | `/forum/away.php` | High
-20 | File | `/getcfg.php` | Medium
-21 | File | `/HNAP1` | Low
-22 | File | `/Home/GetAttachment` | High
-23 | File | `/htdocs/cgibin` | High
-24 | File | `/index.php?s=/admin-tpl-del&id=` | High
-25 | File | `/my_photo_gallery/image.php` | High
-26 | File | `/new` | Low
-27 | File | `/oauth/authorized_applications.json` | High
-28 | File | `/opt/tplink/EAPController/lib/eap-web-3.2.6.jar` | High
-29 | File | `/patient/doctors.php` | High
-30 | File | `/phpinventory/editcategory.php` | High
-31 | File | `/phpinventory/edituser.php` | High
-32 | File | `/probe?target` | High
-33 | File | `/rk-responsive-contact-form/include/rk_user_list.php` | High
-34 | File | `/root/.urcaps` | High
-35 | File | `/schedules/view_schedule.php` | High
-36 | File | `/see_more_details.php` | High
-37 | File | `/service/upload` | High
-38 | File | `/spip.php` | Medium
-39 | File | `/template/edit` | High
-40 | File | `/uncpath/` | Medium
-41 | File | `/upload` | Low
-42 | File | `/var/run/jboss-eap/` | High
-43 | File | `/wp-json/wc/v3/webhooks` | High
-44 | File | `4.edu.php\conn\function.php` | High
-45 | File | `a1disp2.cgi/a1disp3.cgi/a1disp4.cgi` | High
-46 | ... | ... | ...
+1 | File | `//proc/kcore` | Medium
+2 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
+3 | File | `/adfs/ls` | Medium
+4 | File | `/admin.php/Admin/adminadd.html` | High
+5 | File | `/Admin/add-student.php` | High
+6 | File | `/admin/ajax/avatar.php` | High
+7 | File | `/admin/inventory/manage_stock.php` | High
+8 | File | `/admin/media/upload` | High
+9 | File | `/admin/options` | High
+10 | File | `/admin/settings/save.php` | High
+11 | File | `/admin/show.php` | High
+12 | File | `/admin/userprofile.php` | High
+13 | File | `/api/blade-log/api/list` | High
+14 | File | `/api/RecordingList/download` | High
+15 | File | `/api/RecordingList/DownloadRecord?file=` | High
+16 | File | `/apply.cgi` | Medium
+17 | File | `/batm/app/admin/standalone/deployments` | High
+18 | File | `/cgi-bin/go` | Medium
+19 | File | `/cgi-bin/webproc` | High
+20 | File | `/cgi-bin/wlogin.cgi` | High
+21 | File | `/classes/conf/db.properties&config=filemanager.config.js` | High
+22 | File | `/College/admin/teacher.php` | High
+23 | File | `/common/info.cgi` | High
+24 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
+25 | File | `/dcim/rack-roles/` | High
+26 | File | `/exec/` | Low
+27 | File | `/forum/away.php` | High
+28 | File | `/getcfg.php` | Medium
+29 | File | `/goform/addUserName` | High
+30 | File | `/goform/aspForm` | High
+31 | File | `/goform/delAd` | High
+32 | File | `/goform/wifiSSIDset` | High
+33 | File | `/gpac/src/bifs/unquantize.c` | High
+34 | File | `/HNAP1` | Low
+35 | File | `/htdocs/cgibin` | High
+36 | File | `/inc/topBarNav.php` | High
+37 | File | `/index.asp` | Medium
+38 | File | `/index.php?s=/admin-tpl-del&id=` | High
+39 | File | `/jfinal_cms/system/role/list` | High
+40 | File | `/kelas/data` | Medium
+41 | File | `/Moosikay/order.php` | High
+42 | File | `/my_photo_gallery/image.php` | High
+43 | File | `/new` | Low
+44 | File | `/patient/doctors.php` | High
+45 | File | `/php-sms/admin/quotes/manage_remark.php` | High
+46 | File | `/phpinventory/editcategory.php` | High
+47 | File | `/phpinventory/edituser.php` | High
+48 | File | `/probe?target` | High
+49 | File | `/schedules/view_schedule.php` | High
+50 | File | `/secure/QueryComponent!Default.jspa` | High
+51 | File | `/service/upload` | High
+52 | ... | ... | ...

-There are 401 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 457 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

@ -121,13 +129,17 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/1.165.96.128
 * https://search.censys.io/hosts/1.242.139.44
 * https://search.censys.io/hosts/5.178.3.191
+* https://search.censys.io/hosts/20.216.178.113
 * https://search.censys.io/hosts/20.223.128.97
+* https://search.censys.io/hosts/34.92.66.146
+* https://search.censys.io/hosts/40.87.50.159
 * https://search.censys.io/hosts/43.243.111.229
 * https://search.censys.io/hosts/45.77.34.211
 * https://search.censys.io/hosts/45.95.19.170
 * https://search.censys.io/hosts/45.95.19.172
 * https://search.censys.io/hosts/45.95.19.173
 * https://search.censys.io/hosts/45.95.19.174
+* https://search.censys.io/hosts/47.106.131.255
 * https://search.censys.io/hosts/64.44.166.203
 * https://search.censys.io/hosts/64.176.43.239
 * https://search.censys.io/hosts/77.92.154.211
@ -145,11 +157,15 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/112.213.98.87
 * https://search.censys.io/hosts/139.180.143.50
 * https://search.censys.io/hosts/142.202.242.168
+* https://search.censys.io/hosts/144.126.230.14
 * https://search.censys.io/hosts/154.53.42.53
+* https://search.censys.io/hosts/179.43.154.184
 * https://search.censys.io/hosts/179.61.251.188
+* https://search.censys.io/hosts/185.225.18.110
 * https://search.censys.io/hosts/192.99.10.207
 * https://search.censys.io/hosts/193.42.32.159
 * https://search.censys.io/hosts/198.23.212.148
+* https://search.censys.io/hosts/209.25.142.180
 * https://threatfox.abuse.ch
 * https://tria.ge/220411-rpjwpsagg7
 * https://tria.ge/220421-rkv36sbagj
--- a/RAT/README.md
+++ b/RAT/README.md
@ -0,0 +1,68 @@
+# Dacls RAT - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Dacls RAT](https://vuldb.com/?actor.dacls_rat). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.dacls_rat](https://vuldb.com/?actor.dacls_rat)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Dacls RAT:
+
+* [US](https://vuldb.com/?country.us)
+* [GB](https://vuldb.com/?country.gb)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Dacls RAT.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [1.125.125.5](https://vuldb.com/?ip.1.125.125.5) | - | - | High
+2 | [23.81.246.179](https://vuldb.com/?ip.23.81.246.179) | - | - | High
+3 | [23.227.196.116](https://vuldb.com/?ip.23.227.196.116) | 23-227-196-116.static.hvvc.us | - | High
+4 | ... | ... | ... | ...
+
+There are 9 more IOC items available. Please use our online service to access the data.
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Dacls RAT_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1006 | CWE-22 | Pathname Traversal | High
+2 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1059.007 | CWE-79 | Cross Site Scripting | High
+4 | ... | ... | ... | ...
+
+There are 7 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Dacls RAT. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `/forum/away.php` | High
+2 | File | `/out.php` | Medium
+3 | File | `/uncpath/` | Medium
+4 | ... | ... | ...
+
+There are 17 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://blog.netlab.360.com/dacls-the-dual-platform-rat/
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/Caracal/README.md
+++ b/Caracal/README.md
@ -39,7 +39,7 @@ ID | Technique | Weakness | Description | Confidence
 3 | T1059 | CWE-94 | Cross Site Scripting | High
 4 | ... | ... | ... | ...

-There are 12 more TTP items available. Please use our online service to access the data.
+There are 13 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -50,19 +50,20 @@ ID | Type | Indicator | Confidence
 1 | File | `/admin/dl_sendmail.php` | High
 2 | File | `/api/v2/cli/commands` | High
 3 | File | `/apply.cgi` | Medium
-4 | File | `/owa/auth/logon.aspx` | High
-5 | File | `/spip.php` | Medium
-6 | File | `/usr/bin/pkexec` | High
-7 | File | `/zm/index.php` | High
-8 | File | `admin.jcomments.php` | High
-9 | File | `admin/file-manager/attachments` | High
-10 | File | `application/modules/admin/views/ecommerce/products.php` | High
-11 | File | `apply.cgi` | Medium
-12 | File | `archivejson.cgi` | High
-13 | File | `base/ErrorHandler.php` | High
-14 | ... | ... | ...
+4 | File | `/DXR.axd` | Medium
+5 | File | `/forum/away.php` | High
+6 | File | `/owa/auth/logon.aspx` | High
+7 | File | `/spip.php` | Medium
+8 | File | `/usr/bin/pkexec` | High
+9 | File | `/zm/index.php` | High
+10 | File | `admin.jcomments.php` | High
+11 | File | `admin/file-manager/attachments` | High
+12 | File | `application/modules/admin/views/ecommerce/products.php` | High
+13 | File | `apply.cgi` | Medium
+14 | File | `archivejson.cgi` | High
+15 | ... | ... | ...

-There are 108 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 117 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/Dridex/README.md
+++ b/actors/Dridex/README.md
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [RU](https://vuldb.com/?country.ru)
 * ...

-There are 17 more country items available. Please use our online service to access the data.
+There are 16 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -227,7 +227,7 @@ ID | Technique | Weakness | Description | Confidence
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...

-There are 18 more TTP items available. Please use our online service to access the data.
+There are 19 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -236,43 +236,44 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
 1 | File | `/?p=products` | Medium
-2 | File | `/about.php` | Medium
-3 | File | `/admin.php/accessory/filesdel.html` | High
-4 | File | `/admin/?page=user/manage` | High
-5 | File | `/admin/add-new.php` | High
-6 | File | `/admin/doctors.php` | High
-7 | File | `/admin/submit-articles` | High
-8 | File | `/alphaware/summary.php` | High
-9 | File | `/api/` | Low
-10 | File | `/api/admin/store/product/list` | High
-11 | File | `/api/RecordingList/DownloadRecord?file=` | High
-12 | File | `/api/stl/actions/search` | High
-13 | File | `/api/sys_username_passwd.cmd` | High
-14 | File | `/api/v2/cli/commands` | High
-15 | File | `/apply.cgi` | Medium
-16 | File | `/attachments` | Medium
+2 | File | `/admin.php/accessory/filesdel.html` | High
+3 | File | `/admin/?page=user/manage` | High
+4 | File | `/admin/add-new.php` | High
+5 | File | `/admin/doctors.php` | High
+6 | File | `/admin/submit-articles` | High
+7 | File | `/alphaware/summary.php` | High
+8 | File | `/api/` | Low
+9 | File | `/api/admin/store/product/list` | High
+10 | File | `/api/RecordingList/DownloadRecord?file=` | High
+11 | File | `/api/stl/actions/search` | High
+12 | File | `/api/sys_username_passwd.cmd` | High
+13 | File | `/api/v2/cli/commands` | High
+14 | File | `/apply.cgi` | Medium
+15 | File | `/attachments` | Medium
+16 | File | `/bin/ate` | Medium
 17 | File | `/boat/login.php` | High
 18 | File | `/bsms_ci/index.php/book` | High
 19 | File | `/cgi-bin` | Medium
-20 | File | `/cgi-bin/luci/api/wireless` | High
-21 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
-22 | File | `/cgi-bin/wlogin.cgi` | High
-23 | File | `/context/%2e/WEB-INF/web.xml` | High
-24 | File | `/debug/pprof` | Medium
+20 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
+21 | File | `/cgi-bin/wlogin.cgi` | High
+22 | File | `/context/%2e/WEB-INF/web.xml` | High
+23 | File | `/debug/pprof` | Medium
+24 | File | `/env` | Low
 25 | File | `/etc/hosts` | Medium
 26 | File | `/eval/admin/manage_class.php` | High
 27 | File | `/forum/away.php` | High
-28 | File | `/goform/setmac` | High
-29 | File | `/goform/wizard_end` | High
-30 | File | `/medicines/profile.php` | High
-31 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
+28 | File | `/goform/wizard_end` | High
+29 | File | `/medicines/profile.php` | High
+30 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
+31 | File | `/php-sms/admin/?page=user/manage_user` | High
 32 | File | `/proxy` | Low
 33 | File | `/reservation/add_message.php` | High
 34 | File | `/spip.php` | Medium
 35 | File | `/tmp` | Low
-36 | ... | ... | ...
+36 | File | `/uncpath/` | Medium
+37 | ... | ... | ...

-There are 312 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 315 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/ERMAC-2/README.md
+++ b/actors/ERMAC-2/README.md
@ -21,7 +21,7 @@ ID | IP address | Hostname | Campaign | Confidence
 3 | [193.106.191.116](https://vuldb.com/?ip.193.106.191.116) | - | Bolt Food | High
 4 | ... | ... | ... | ...

-There are 3 more IOC items available. Please use our online service to access the data.
+There are 2 more IOC items available. Please use our online service to access the data.

 ## References

--- a/actors/Emotet/README.md
+++ b/actors/Emotet/README.md
--- a/actors/Equation/README.md
+++ b/actors/Equation/README.md
@ -69,21 +69,20 @@ ID | IP address | Hostname | Campaign | Confidence
 40 | [130.237.234.51](https://vuldb.com/?ip.130.237.234.51) | - | - | High
 41 | [130.237.234.53](https://vuldb.com/?ip.130.237.234.53) | ns53.stacken.kth.se | - | High
 42 | [130.237.234.151](https://vuldb.com/?ip.130.237.234.151) | mount-kilimanjaro.stacken.kth.se | - | High
-43 | [130.237.234.152](https://vuldb.com/?ip.130.237.234.152) | snacks.stacken.kth.se | - | High
-44 | [131.188.3.200](https://vuldb.com/?ip.131.188.3.200) | reserved.rrze.uni-erlangen.de | - | High
-45 | [132.248.10.2](https://vuldb.com/?ip.132.248.10.2) | dns2.unam.mx | - | High
-46 | [132.248.204.1](https://vuldb.com/?ip.132.248.204.1) | dns1.unam.mx | - | High
-47 | [132.248.253.1](https://vuldb.com/?ip.132.248.253.1) | ve53.zc-dist.unam.mx | - | High
-48 | [133.3.5.2](https://vuldb.com/?ip.133.3.5.2) | pfdsun.kuicr.kyoto-u.ac.jp | - | High
-49 | [133.3.5.20](https://vuldb.com/?ip.133.3.5.20) | icrsun.kuicr.kyoto-u.ac.jp | - | High
-50 | [133.3.5.30](https://vuldb.com/?ip.133.3.5.30) | - | - | High
-51 | [133.3.5.33](https://vuldb.com/?ip.133.3.5.33) | sms.uji.kyoto-u.ac.jp | - | High
-52 | [133.26.135.224](https://vuldb.com/?ip.133.26.135.224) | - | - | High
-53 | [133.31.106.46](https://vuldb.com/?ip.133.31.106.46) | ci970000.ci.noda.sut.ac.jp | - | High
-54 | [133.41.145.11](https://vuldb.com/?ip.133.41.145.11) | 145-011.eduroam.hiroshima-u.ac.jp | - | High
-55 | ... | ... | ... | ...
+43 | [131.188.3.200](https://vuldb.com/?ip.131.188.3.200) | reserved.rrze.uni-erlangen.de | - | High
+44 | [132.248.10.2](https://vuldb.com/?ip.132.248.10.2) | dns2.unam.mx | - | High
+45 | [132.248.204.1](https://vuldb.com/?ip.132.248.204.1) | dns1.unam.mx | - | High
+46 | [132.248.253.1](https://vuldb.com/?ip.132.248.253.1) | ve53.zc-dist.unam.mx | - | High
+47 | [133.3.5.2](https://vuldb.com/?ip.133.3.5.2) | pfdsun.kuicr.kyoto-u.ac.jp | - | High
+48 | [133.3.5.20](https://vuldb.com/?ip.133.3.5.20) | icrsun.kuicr.kyoto-u.ac.jp | - | High
+49 | [133.3.5.30](https://vuldb.com/?ip.133.3.5.30) | - | - | High
+50 | [133.3.5.33](https://vuldb.com/?ip.133.3.5.33) | sms.uji.kyoto-u.ac.jp | - | High
+51 | [133.26.135.224](https://vuldb.com/?ip.133.26.135.224) | - | - | High
+52 | [133.31.106.46](https://vuldb.com/?ip.133.31.106.46) | ci970000.ci.noda.sut.ac.jp | - | High
+53 | [133.41.145.11](https://vuldb.com/?ip.133.41.145.11) | 145-011.eduroam.hiroshima-u.ac.jp | - | High
+54 | ... | ... | ... | ...

-There are 214 more IOC items available. Please use our online service to access the data.
+There are 211 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

--- a/actors/Extenbro/README.md
+++ b/actors/Extenbro/README.md
@ -0,0 +1,109 @@
+# Extenbro - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Extenbro](https://vuldb.com/?actor.extenbro). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.extenbro](https://vuldb.com/?actor.extenbro)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Extenbro:
+
+* [CN](https://vuldb.com/?country.cn)
+* [US](https://vuldb.com/?country.us)
+* [ES](https://vuldb.com/?country.es)
+* ...
+
+There are 14 more country items available. Please use our online service to access the data.
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Extenbro.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [45.86.180.227](https://vuldb.com/?ip.45.86.180.227) | vm-329a5356.na4u.ru | - | High
+2 | [116.203.6.218](https://vuldb.com/?ip.116.203.6.218) | mail.poseidon.wpsserver.de | - | High
+3 | [185.130.104.222](https://vuldb.com/?ip.185.130.104.222) | . | - | High
+4 | ... | ... | ... | ...
+
+There are 1 more IOC items available. Please use our online service to access the data.
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Extenbro_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
+2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
+3 | T1055 | CWE-74 | Injection | High
+4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
+5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+6 | ... | ... | ... | ...
+
+There are 19 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Extenbro. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `/?p=products` | Medium
+2 | File | `/about.php` | Medium
+3 | File | `/admin.php/accessory/filesdel.html` | High
+4 | File | `/admin/?page=user/manage` | High
+5 | File | `/admin/add-new.php` | High
+6 | File | `/admin/doctors.php` | High
+7 | File | `/admin/submit-articles` | High
+8 | File | `/ad_js.php` | Medium
+9 | File | `/alphaware/summary.php` | High
+10 | File | `/api/` | Low
+11 | File | `/api/admin/store/product/list` | High
+12 | File | `/api/stl/actions/search` | High
+13 | File | `/api/v2/cli/commands` | High
+14 | File | `/app/options.py` | High
+15 | File | `/attachments` | Medium
+16 | File | `/bin/ate` | Medium
+17 | File | `/boat/login.php` | High
+18 | File | `/bsms_ci/index.php/book` | High
+19 | File | `/cgi-bin` | Medium
+20 | File | `/cgi-bin/luci/api/wireless` | High
+21 | File | `/cgi-bin/wlogin.cgi` | High
+22 | File | `/context/%2e/WEB-INF/web.xml` | High
+23 | File | `/dashboard/reports/logs/view` | High
+24 | File | `/debian/patches/load_ppp_generic_if_needed` | High
+25 | File | `/debug/pprof` | Medium
+26 | File | `/env` | Low
+27 | File | `/etc/hosts` | Medium
+28 | File | `/forum/away.php` | High
+29 | File | `/goform/setmac` | High
+30 | File | `/goform/wizard_end` | High
+31 | File | `/manage-apartment.php` | High
+32 | File | `/medicines/profile.php` | High
+33 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
+34 | File | `/pages/apply_vacancy.php` | High
+35 | File | `/proc/<PID>/mem` | High
+36 | File | `/proxy` | Low
+37 | File | `/reservation/add_message.php` | High
+38 | File | `/spip.php` | Medium
+39 | ... | ... | ...
+
+There are 336 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://blog.malwarebytes.com/trojans/2019/07/extenbro-a-new-dns-changer-trojan-protecting-adware/
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/Nile/README.md
+++ b/Nile/README.md
@ -0,0 +1,63 @@
+# Eye on the Nile - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Eye on the Nile](https://vuldb.com/?actor.eye_on_the_nile). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.eye_on_the_nile](https://vuldb.com/?actor.eye_on_the_nile)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Eye on the Nile:
+
+* [RU](https://vuldb.com/?country.ru)
+* [US](https://vuldb.com/?country.us)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Eye on the Nile.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [185.125.230.116](https://vuldb.com/?ip.185.125.230.116) | revdns.dns.com | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Eye on the Nile_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1059 | CWE-94 | Cross Site Scripting | High
+2 | T1059.007 | CWE-79 | Cross Site Scripting | High
+3 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
+4 | ... | ... | ... | ...
+
+There are 4 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Eye on the Nile. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `/forum/away.php` | High
+2 | File | `/out.php` | Medium
+3 | File | `/sqfs/bin/sccd` | High
+4 | ... | ... | ...
+
+There are 24 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://research.checkpoint.com/2023/stealth-soldier-backdoor-used-in-targeted-espionage-attacks-in-north-africa/
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/FAKEUPDATES/README.md
+++ b/actors/FAKEUPDATES/README.md
@ -21,12 +21,12 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi

 ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
-1 | [45.130.201.24](https://vuldb.com/?ip.45.130.201.24) | - | - | High
-2 | [88.119.169.145](https://vuldb.com/?ip.88.119.169.145) | 19790-33851.bacloud.info | - | High
-3 | [88.119.169.146](https://vuldb.com/?ip.88.119.169.146) | 19790-33851.bacloud.info | - | High
+1 | [5.79.66.123](https://vuldb.com/?ip.5.79.66.123) | - | - | High
+2 | [35.176.231.198](https://vuldb.com/?ip.35.176.231.198) | ec2-35-176-231-198.eu-west-2.compute.amazonaws.com | - | Medium
+3 | [45.130.201.23](https://vuldb.com/?ip.45.130.201.23) | - | - | High
 4 | ... | ... | ... | ...

-There are 6 more IOC items available. Please use our online service to access the data.
+There are 12 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -52,44 +52,50 @@ ID | Type | Indicator | Confidence
 1 | File | `//proc/kcore` | Medium
 2 | File | `/admin.php/Admin/adminadd.html` | High
 3 | File | `/Admin/add-student.php` | High
-4 | File | `/admin/settings/save.php` | High
-5 | File | `/admin/userprofile.php` | High
-6 | File | `/apply.cgi` | Medium
-7 | File | `/cgi-bin/wlogin.cgi` | High
-8 | File | `/College/admin/teacher.php` | High
-9 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
-10 | File | `/dcim/rack-roles/` | High
-11 | File | `/forum/away.php` | High
-12 | File | `/goform/addUserName` | High
-13 | File | `/goform/aspForm` | High
-14 | File | `/goform/delAd` | High
-15 | File | `/goform/wifiSSIDset` | High
-16 | File | `/gpac/src/bifs/unquantize.c` | High
-17 | File | `/inc/topBarNav.php` | High
-18 | File | `/index.asp` | Medium
-19 | File | `/jfinal_cms/system/role/list` | High
-20 | File | `/kelas/data` | Medium
-21 | File | `/Moosikay/order.php` | High
-22 | File | `/php-sms/admin/quotes/manage_remark.php` | High
-23 | File | `/secure/QueryComponent!Default.jspa` | High
-24 | File | `/uncpath/` | Medium
-25 | File | `/webman/info.cgi` | High
-26 | ... | ... | ...
+4 | File | `/admin/orders/update_status.php` | High
+5 | File | `/admin/settings/save.php` | High
+6 | File | `/admin/userprofile.php` | High
+7 | File | `/apply.cgi` | Medium
+8 | File | `/cgi-bin/wlogin.cgi` | High
+9 | File | `/College/admin/teacher.php` | High
+10 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
+11 | File | `/dcim/rack-roles/` | High
+12 | File | `/forum/away.php` | High
+13 | File | `/getcfg.php` | Medium
+14 | File | `/goform/addUserName` | High
+15 | File | `/goform/aspForm` | High
+16 | File | `/goform/delAd` | High
+17 | File | `/goform/wifiSSIDset` | High
+18 | File | `/gpac/src/bifs/unquantize.c` | High
+19 | File | `/inc/topBarNav.php` | High
+20 | File | `/index.asp` | Medium
+21 | File | `/jfinal_cms/system/role/list` | High
+22 | File | `/kelas/data` | Medium
+23 | File | `/Moosikay/order.php` | High
+24 | File | `/php-sms/admin/quotes/manage_remark.php` | High
+25 | File | `/secure/QueryComponent!Default.jspa` | High
+26 | File | `/uncpath/` | Medium
+27 | File | `/webman/info.cgi` | High
+28 | ... | ... | ...

-There are 218 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 239 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

 The following list contains _external sources_ which discuss the actor and the associated activities:

+* https://infosec.exchange/@monitorsg/110542478917794644
 * https://infosec.exchange/@rmceoin/110424143980661661
 * https://infosec.exchange/@rmceoin/110475220406813517
 * https://infosec.exchange/@rmceoin/110492844885251537
+* https://threatfox.abuse.ch
 * https://twitter.com/threatcat_ch/status/1655819677648420864
 * https://twitter.com/threatcat_ch/status/1656899336712716289
 * https://twitter.com/threatcat_ch/status/1663795364552384512
 * https://twitter.com/threatcat_ch/status/1664643709298769920
 * https://twitter.com/threatcat_ch/status/1665706881489289217
+* https://twitter.com/threatcat_ch/status/1666706124836405248
+* https://twitter.com/threatcat_ch/status/1668596702696054785
 * https://urlscan.io/search/#ip%3A88.119.169.145

 ## Literature
--- a/actors/FBot/README.md
+++ b/actors/FBot/README.md
@ -10,7 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce

 * [US](https://vuldb.com/?country.us)
 * [IO](https://vuldb.com/?country.io)
-* [AT](https://vuldb.com/?country.at)
+* [IR](https://vuldb.com/?country.ir)
 * ...

 There are 1 more country items available. Please use our online service to access the data.
--- a/actors/FIN7/README.md
+++ b/actors/FIN7/README.md
@ -24,7 +24,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [RU](https://vuldb.com/?country.ru)
 * ...

-There are 13 more country items available. Please use our online service to access the data.
+There are 15 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -133,46 +133,45 @@ ID | Type | Indicator | Confidence
 20 | File | `/api/v2/cli/commands` | High
 21 | File | `/apply.cgi` | Medium
 22 | File | `/APR/login.php` | High
-23 | File | `/bin/httpd` | Medium
-24 | File | `/boat/login.php` | High
-25 | File | `/bsms_ci/index.php/book` | High
-26 | File | `/cgi-bin` | Medium
-27 | File | `/cgi-bin/wapopen` | High
-28 | File | `/cgi-bin/wlogin.cgi` | High
-29 | File | `/debug/pprof` | Medium
-30 | File | `/dev/block/mmcblk0rpmb` | High
-31 | File | `/feeds/post/publish` | High
-32 | File | `/forum/away.php` | High
-33 | File | `/fos/admin/ajax.php?action=login` | High
-34 | File | `/fos/admin/index.php?page=menu` | High
-35 | File | `/home/masterConsole` | High
-36 | File | `/home/sendBroadcast` | High
-37 | File | `/inc/jquery/uploadify/uploadify.php` | High
-38 | File | `/index.php?app=main&func=passport&action=login` | High
-39 | File | `/index.php?page=category_list` | High
-40 | File | `/medicines/profile.php` | High
-41 | File | `/Moosikay/order.php` | High
-42 | File | `/mygym/admin/index.php?view_exercises` | High
-43 | File | `/opac/Actions.php?a=login` | High
-44 | File | `/php-opos/index.php` | High
-45 | File | `/PreviewHandler.ashx` | High
-46 | File | `/public/launchNewWindow.jsp` | High
-47 | File | `/reports/rwservlet` | High
-48 | File | `/reservation/add_message.php` | High
-49 | File | `/secure/QueryComponent!Default.jspa` | High
-50 | File | `/Session` | Medium
-51 | File | `/spip.php` | Medium
-52 | File | `/uncpath/` | Medium
-53 | File | `/user/updatePwd` | High
-54 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
-55 | File | `/video-sharing-script/watch-video.php` | High
-56 | File | `/wbms/classes/Master.php?f=delete_client` | High
-57 | File | `/wireless/security.asp` | High
-58 | File | `/wp-admin/admin-ajax.php` | High
-59 | File | `/xxl-job-admin/jobinfo` | High
-60 | ... | ... | ...
+23 | File | `/bin/ate` | Medium
+24 | File | `/bin/httpd` | Medium
+25 | File | `/boat/login.php` | High
+26 | File | `/bsms_ci/index.php/book` | High
+27 | File | `/cgi-bin` | Medium
+28 | File | `/cgi-bin/wapopen` | High
+29 | File | `/cgi-bin/wlogin.cgi` | High
+30 | File | `/debug/pprof` | Medium
+31 | File | `/dev/block/mmcblk0rpmb` | High
+32 | File | `/env` | Low
+33 | File | `/feeds/post/publish` | High
+34 | File | `/forum/away.php` | High
+35 | File | `/fos/admin/ajax.php?action=login` | High
+36 | File | `/fos/admin/index.php?page=menu` | High
+37 | File | `/home/masterConsole` | High
+38 | File | `/home/sendBroadcast` | High
+39 | File | `/inc/jquery/uploadify/uploadify.php` | High
+40 | File | `/index.php?app=main&func=passport&action=login` | High
+41 | File | `/index.php?page=category_list` | High
+42 | File | `/jobinfo/` | Medium
+43 | File | `/medicines/profile.php` | High
+44 | File | `/Moosikay/order.php` | High
+45 | File | `/mygym/admin/index.php?view_exercises` | High
+46 | File | `/opac/Actions.php?a=login` | High
+47 | File | `/php-opos/index.php` | High
+48 | File | `/php-sms/admin/?page=user/manage_user` | High
+49 | File | `/PreviewHandler.ashx` | High
+50 | File | `/public/launchNewWindow.jsp` | High
+51 | File | `/reservation/add_message.php` | High
+52 | File | `/secure/QueryComponent!Default.jspa` | High
+53 | File | `/Session` | Medium
+54 | File | `/spip.php` | Medium
+55 | File | `/uncpath/` | Medium
+56 | File | `/user/updatePwd` | High
+57 | File | `/var/lib/docker/<remapping>` | High
+58 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
+59 | ... | ... | ...

-There are 523 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 520 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/FunkyBot/README.md
+++ b/actors/FunkyBot/README.md
@ -0,0 +1,65 @@
+# FunkyBot - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [FunkyBot](https://vuldb.com/?actor.funkybot). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.funkybot](https://vuldb.com/?actor.funkybot)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with FunkyBot:
+
+* [CN](https://vuldb.com/?country.cn)
+* [US](https://vuldb.com/?country.us)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of FunkyBot.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [6.43.51.17](https://vuldb.com/?ip.6.43.51.17) | - | - | High
+2 | [108.61.187.156](https://vuldb.com/?ip.108.61.187.156) | 108.61.187.156.vultrusercontent.com | - | High
+3 | [149.28.24.166](https://vuldb.com/?ip.149.28.24.166) | - | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _FunkyBot_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1006 | CWE-22 | Pathname Traversal | High
+2 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+4 | ... | ... | ... | ...
+
+There are 5 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by FunkyBot. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `/.ssh/authorized_keys` | High
+2 | File | `/rom` | Low
+3 | File | `data/gbconfiguration.dat` | High
+4 | ... | ... | ...
+
+There are 18 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.fortinet.com/blog/threat-research/funkybot-malware-targets-japan.html
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/GALLIUM/README.md
+++ b/actors/GALLIUM/README.md
@ -90,7 +90,7 @@ ID | Type | Indicator | Confidence
 12 | File | `adclick.php` | Medium
 13 | ... | ... | ...

-There are 104 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 105 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/Gh0stRAT/README.md
+++ b/actors/Gh0stRAT/README.md
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [VN](https://vuldb.com/?country.vn)
 * ...

-There are 10 more country items available. Please use our online service to access the data.
+There are 9 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -98,13 +98,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-25, CWE-29 | Pathname Traversal | High
-2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
-3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
-5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+2 | T1055 | CWE-74 | Injection | High
+3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
+4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+5 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
 6 | ... | ... | ... | ...

-There are 19 more TTP items available. Please use our online service to access the data.
+There are 18 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -137,21 +137,20 @@ ID | Type | Indicator | Confidence
 23 | File | `/forum/away.php` | High
 24 | File | `/forum/PostPrivateMessage` | High
 25 | File | `/goform/addressNat` | High
-26 | File | `/HNAP1` | Low
-27 | File | `/HNAP1/SetClientInfo` | High
-28 | File | `/home/www/cgi-bin/login.cgi` | High
-29 | File | `/inc/jquery/uploadify/uploadify.php` | High
-30 | File | `/js/player/dmplayer/dmku/index.php` | High
-31 | File | `/modules/profile/index.php` | High
-32 | File | `/multi-vendor-shopping-script/product-list.php` | High
-33 | File | `/net-banking/customer_transactions.php` | High
-34 | File | `/news/*.html` | Medium
-35 | File | `/obs/book.php` | High
-36 | File | `/orrs/admin/?page=user/manage_user` | High
-37 | File | `/owa/auth/logon.aspx` | High
-38 | ... | ... | ...
+26 | File | `/goform/setmac` | High
+27 | File | `/goform/setMacFilterCfg` | High
+28 | File | `/HNAP1` | Low
+29 | File | `/HNAP1/SetClientInfo` | High
+30 | File | `/home/www/cgi-bin/login.cgi` | High
+31 | File | `/inc/jquery/uploadify/uploadify.php` | High
+32 | File | `/js/player/dmplayer/dmku/index.php` | High
+33 | File | `/kelasdosen/data` | High
+34 | File | `/modules/profile/index.php` | High
+35 | File | `/multi-vendor-shopping-script/product-list.php` | High
+36 | File | `/net-banking/customer_transactions.php` | High
+37 | ... | ... | ...

-There are 322 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 321 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/RAT/README.md
+++ b/RAT/README.md
@ -39,7 +39,7 @@ ID | IP address | Hostname | Campaign | Confidence
 16 | [43.249.195.178](https://vuldb.com/?ip.43.249.195.178) | - | - | High
 17 | ... | ... | ... | ...

-There are 62 more IOC items available. Please use our online service to access the data.
+There are 63 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

--- a/actors/Graboid/README.md
+++ b/actors/Graboid/README.md
@ -0,0 +1,58 @@
+# Graboid - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Graboid](https://vuldb.com/?actor.graboid). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.graboid](https://vuldb.com/?actor.graboid)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Graboid:
+
+* [US](https://vuldb.com/?country.us)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Graboid.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [47.107.191.137](https://vuldb.com/?ip.47.107.191.137) | - | - | High
+2 | [47.111.96.197](https://vuldb.com/?ip.47.111.96.197) | - | - | High
+3 | [61.18.240.160](https://vuldb.com/?ip.61.18.240.160) | cm61-18-240-160.hkcable.com.hk | - | High
+4 | ... | ... | ... | ...
+
+There are 12 more IOC items available. Please use our online service to access the data.
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Graboid_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1059 | CWE-94 | Cross Site Scripting | High
+2 | T1592 | CWE-200 | Configuration | High
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Graboid. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `data/gbconfiguration.dat` | High
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://unit42.paloaltonetworks.com/graboid-first-ever-cryptojacking-worm-found-in-images-on-docker-hub/
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/Gwmndy/README.md
+++ b/actors/Gwmndy/README.md
@ -0,0 +1,65 @@
+# Gwmndy - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Gwmndy](https://vuldb.com/?actor.gwmndy). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.gwmndy](https://vuldb.com/?actor.gwmndy)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Gwmndy:
+
+* [US](https://vuldb.com/?country.us)
+* [CN](https://vuldb.com/?country.cn)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Gwmndy.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [1.125.125.5](https://vuldb.com/?ip.1.125.125.5) | - | - | High
+2 | [43.252.231.181](https://vuldb.com/?ip.43.252.231.181) | - | - | High
+3 | [47.89.9.33](https://vuldb.com/?ip.47.89.9.33) | - | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Gwmndy_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1059 | CWE-94 | Cross Site Scripting | High
+2 | T1059.007 | CWE-80 | Cross Site Scripting | High
+3 | T1068 | CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
+4 | ... | ... | ... | ...
+
+There are 2 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Gwmndy. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `books.php` | Medium
+2 | File | `cart.php` | Medium
+3 | File | `GpsXtraDownloader.java` | High
+4 | ... | ... | ...
+
+There are 13 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://blog.netlab.360.com/some-fiberhome-routers-are-being-utilized-as-ssh-tunneling-proxy-nodes/
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/Bee/README.md
+++ b/Bee/README.md
@ -0,0 +1,69 @@
+# Hidden Bee - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Hidden Bee](https://vuldb.com/?actor.hidden_bee). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.hidden_bee](https://vuldb.com/?actor.hidden_bee)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Hidden Bee:
+
+* [US](https://vuldb.com/?country.us)
+* [CN](https://vuldb.com/?country.cn)
+* [IO](https://vuldb.com/?country.io)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Hidden Bee.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [67.198.208.110](https://vuldb.com/?ip.67.198.208.110) | graft9.firsttaskintheoffice.com | - | High
+2 | [103.35.72.223](https://vuldb.com/?ip.103.35.72.223) | - | - | High
+3 | [133.130.101.254](https://vuldb.com/?ip.133.130.101.254) | v133-130-101-254.a02a.g.tyo1.static.cnode.io | - | High
+4 | ... | ... | ... | ...
+
+There are 1 more IOC items available. Please use our online service to access the data.
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Hidden Bee_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1006 | CWE-22 | Pathname Traversal | High
+2 | T1055 | CWE-74 | Injection | High
+3 | T1059 | CWE-94 | Cross Site Scripting | High
+4 | ... | ... | ... | ...
+
+There are 6 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Hidden Bee. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `inc/config.php` | High
+2 | File | `libavcodec/cdxl.c` | High
+3 | File | `querystring.php` | High
+4 | ... | ... | ...
+
+There are 4 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.cyber45.com
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/ISFB/README.md
+++ b/actors/ISFB/README.md
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [RU](https://vuldb.com/?country.ru)
 * ...

-There are 12 more country items available. Please use our online service to access the data.
+There are 13 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -22,80 +22,90 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
 ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
 1 | [5.34.176.235](https://vuldb.com/?ip.5.34.176.235) | vds1139947.hosted-by-itldc.com | - | High
-2 | [5.42.199.38](https://vuldb.com/?ip.5.42.199.38) | - | - | High
-3 | [5.44.45.83](https://vuldb.com/?ip.5.44.45.83) | vds125054.mgnhost.com | - | High
-4 | [5.44.45.204](https://vuldb.com/?ip.5.44.45.204) | vds124408.mgn-host.ru | - | High
-5 | [5.44.45.249](https://vuldb.com/?ip.5.44.45.249) | squall.werld.ru | - | High
-6 | [15.204.49.218](https://vuldb.com/?ip.15.204.49.218) | mail.mvhcudfzcgtssf.cf | - | High
-7 | [23.106.124.232](https://vuldb.com/?ip.23.106.124.232) | - | - | High
-8 | [23.227.202.77](https://vuldb.com/?ip.23.227.202.77) | 23-227-202-77.static.hvvc.us | - | High
-9 | [23.227.203.221](https://vuldb.com/?ip.23.227.203.221) | 23-227-203-221.static.hvvc.us | - | High
-10 | [31.41.44.23](https://vuldb.com/?ip.31.41.44.23) | arman.example.com | - | High
-11 | [31.41.44.27](https://vuldb.com/?ip.31.41.44.27) | awkdjaiwjdkawfhhae.example.com | - | High
-12 | [31.41.44.36](https://vuldb.com/?ip.31.41.44.36) | free.cishost.ru | - | High
-13 | [31.41.44.47](https://vuldb.com/?ip.31.41.44.47) | free.cishost.ru | - | High
-14 | [31.41.44.48](https://vuldb.com/?ip.31.41.44.48) | free.cishost.ru | - | High
-15 | [31.41.44.51](https://vuldb.com/?ip.31.41.44.51) | free.cishost.ru | - | High
-16 | [31.41.44.63](https://vuldb.com/?ip.31.41.44.63) | free.cishost.ru | - | High
-17 | [31.41.44.76](https://vuldb.com/?ip.31.41.44.76) | visionsphotographic.com | - | High
-18 | [31.41.44.85](https://vuldb.com/?ip.31.41.44.85) | free.cishost.ru | - | High
-19 | [31.41.44.87](https://vuldb.com/?ip.31.41.44.87) | free.cishost.ru | - | High
-20 | [31.41.44.90](https://vuldb.com/?ip.31.41.44.90) | free.cishost.ru | - | High
-21 | [31.41.44.92](https://vuldb.com/?ip.31.41.44.92) | free.cishost.ru | - | High
-22 | [31.41.44.106](https://vuldb.com/?ip.31.41.44.106) | free.cishost.ru | - | High
-23 | [31.41.44.107](https://vuldb.com/?ip.31.41.44.107) | free.cishost.ru | - | High
-24 | [31.41.44.108](https://vuldb.com/?ip.31.41.44.108) | free.cishost.ru | - | High
-25 | [31.41.44.109](https://vuldb.com/?ip.31.41.44.109) | free.cishost.ru | - | High
-26 | [31.41.44.110](https://vuldb.com/?ip.31.41.44.110) | kectis.com | - | High
-27 | [31.41.44.111](https://vuldb.com/?ip.31.41.44.111) | free.cishost.ru | - | High
-28 | [31.41.44.117](https://vuldb.com/?ip.31.41.44.117) | free.cishost.ru | - | High
-29 | [31.41.44.122](https://vuldb.com/?ip.31.41.44.122) | free.cishost.ru | - | High
-30 | [31.41.44.153](https://vuldb.com/?ip.31.41.44.153) | free.cishost.ru | - | High
-31 | [31.41.44.154](https://vuldb.com/?ip.31.41.44.154) | free.cishost.ru | - | High
-32 | [31.41.44.156](https://vuldb.com/?ip.31.41.44.156) | free.cishost.ru | - | High
-33 | [31.41.44.158](https://vuldb.com/?ip.31.41.44.158) | free.cishost.ru | - | High
-34 | [31.41.44.179](https://vuldb.com/?ip.31.41.44.179) | free.cishost.ru | - | High
-35 | [31.41.44.184](https://vuldb.com/?ip.31.41.44.184) | free.cishost.ru | - | High
-36 | [31.41.44.185](https://vuldb.com/?ip.31.41.44.185) | free.cishost.ru | - | High
-37 | [31.148.99.169](https://vuldb.com/?ip.31.148.99.169) | - | - | High
-38 | [31.172.83.231](https://vuldb.com/?ip.31.172.83.231) | good-nm36.ateamlevel.net | - | High
-39 | [31.207.46.10](https://vuldb.com/?ip.31.207.46.10) | xogiante.com | - | High
-40 | [31.207.46.12](https://vuldb.com/?ip.31.207.46.12) | - | - | High
-41 | [31.207.46.125](https://vuldb.com/?ip.31.207.46.125) | - | - | High
-42 | [31.214.157.31](https://vuldb.com/?ip.31.214.157.31) | vm12150.ru | - | High
-43 | [31.214.157.160](https://vuldb.com/?ip.31.214.157.160) | elijah-nascent.specbowel.net | - | High
-44 | [37.10.71.114](https://vuldb.com/?ip.37.10.71.114) | - | - | High
-45 | [37.120.206.70](https://vuldb.com/?ip.37.120.206.70) | - | - | High
-46 | [37.120.206.119](https://vuldb.com/?ip.37.120.206.119) | - | - | High
-47 | [37.120.222.178](https://vuldb.com/?ip.37.120.222.178) | - | - | High
-48 | [37.120.222.188](https://vuldb.com/?ip.37.120.222.188) | - | - | High
-49 | [37.120.239.178](https://vuldb.com/?ip.37.120.239.178) | - | - | High
-50 | [45.9.20.245](https://vuldb.com/?ip.45.9.20.245) | - | - | High
-51 | [45.11.180.140](https://vuldb.com/?ip.45.11.180.140) | boab-exchange.stuffbent.net | - | High
-52 | [45.11.181.122](https://vuldb.com/?ip.45.11.181.122) | - | - | High
-53 | [45.11.182.30](https://vuldb.com/?ip.45.11.182.30) | - | - | High
-54 | [45.11.182.165](https://vuldb.com/?ip.45.11.182.165) | - | - | High
-55 | [45.11.182.208](https://vuldb.com/?ip.45.11.182.208) | - | - | High
-56 | [45.11.183.24](https://vuldb.com/?ip.45.11.183.24) | - | - | High
-57 | [45.67.230.16](https://vuldb.com/?ip.45.67.230.16) | vm1300397.stark-industries.solutions | - | High
-58 | [45.89.67.190](https://vuldb.com/?ip.45.89.67.190) | 13ipv6.ok | - | High
-59 | [45.89.189.6](https://vuldb.com/?ip.45.89.189.6) | vds125341.mgnhost.com | - | High
-60 | [45.89.189.7](https://vuldb.com/?ip.45.89.189.7) | vds123455.mgn-host.ru | - | High
-61 | [45.90.57.19](https://vuldb.com/?ip.45.90.57.19) | kuzina.val.pserver.ru | - | High
-62 | [45.130.147.89](https://vuldb.com/?ip.45.130.147.89) | lao89.nengtanyun.cn | - | High
-63 | [45.130.151.190](https://vuldb.com/?ip.45.130.151.190) | 526204.msk-kvm.ru | - | High
-64 | [45.130.151.191](https://vuldb.com/?ip.45.130.151.191) | godaddy.com | - | High
-65 | [45.130.151.195](https://vuldb.com/?ip.45.130.151.195) | 533873.msk-kvm.ru | - | High
-66 | [45.130.151.199](https://vuldb.com/?ip.45.130.151.199) | 515904.msk-kvm.ru | - | High
-67 | [45.140.167.95](https://vuldb.com/?ip.45.140.167.95) | - | - | High
-68 | [45.147.200.47](https://vuldb.com/?ip.45.147.200.47) | mail.ofsekck.cn | - | High
-69 | [45.155.249.47](https://vuldb.com/?ip.45.155.249.47) | - | - | High
-70 | [45.155.249.49](https://vuldb.com/?ip.45.155.249.49) | - | - | High
-71 | [45.155.249.200](https://vuldb.com/?ip.45.155.249.200) | - | - | High
-72 | [45.155.249.227](https://vuldb.com/?ip.45.155.249.227) | - | - | High
-73 | ... | ... | ... | ...
+2 | [5.34.182.123](https://vuldb.com/?ip.5.34.182.123) | moar.ua | - | High
+3 | [5.42.199.38](https://vuldb.com/?ip.5.42.199.38) | - | - | High
+4 | [5.44.45.83](https://vuldb.com/?ip.5.44.45.83) | vds125054.mgnhost.com | - | High
+5 | [5.44.45.204](https://vuldb.com/?ip.5.44.45.204) | vds124408.mgn-host.ru | - | High
+6 | [5.44.45.249](https://vuldb.com/?ip.5.44.45.249) | squall.werld.ru | - | High
+7 | [15.204.49.218](https://vuldb.com/?ip.15.204.49.218) | mail.mvhcudfzcgtssf.cf | - | High
+8 | [23.95.0.100](https://vuldb.com/?ip.23.95.0.100) | 23-95-0-100-host.colocrossing.com | - | High
+9 | [23.106.124.232](https://vuldb.com/?ip.23.106.124.232) | - | - | High
+10 | [23.227.202.77](https://vuldb.com/?ip.23.227.202.77) | 23-227-202-77.static.hvvc.us | - | High
+11 | [23.227.203.221](https://vuldb.com/?ip.23.227.203.221) | 23-227-203-221.static.hvvc.us | - | High
+12 | [31.41.44.23](https://vuldb.com/?ip.31.41.44.23) | arman.example.com | - | High
+13 | [31.41.44.27](https://vuldb.com/?ip.31.41.44.27) | awkdjaiwjdkawfhhae.example.com | - | High
+14 | [31.41.44.36](https://vuldb.com/?ip.31.41.44.36) | free.cishost.ru | - | High
+15 | [31.41.44.47](https://vuldb.com/?ip.31.41.44.47) | free.cishost.ru | - | High
+16 | [31.41.44.48](https://vuldb.com/?ip.31.41.44.48) | free.cishost.ru | - | High
+17 | [31.41.44.51](https://vuldb.com/?ip.31.41.44.51) | free.cishost.ru | - | High
+18 | [31.41.44.63](https://vuldb.com/?ip.31.41.44.63) | free.cishost.ru | - | High
+19 | [31.41.44.76](https://vuldb.com/?ip.31.41.44.76) | visionsphotographic.com | - | High
+20 | [31.41.44.85](https://vuldb.com/?ip.31.41.44.85) | free.cishost.ru | - | High
+21 | [31.41.44.87](https://vuldb.com/?ip.31.41.44.87) | free.cishost.ru | - | High
+22 | [31.41.44.90](https://vuldb.com/?ip.31.41.44.90) | free.cishost.ru | - | High
+23 | [31.41.44.92](https://vuldb.com/?ip.31.41.44.92) | free.cishost.ru | - | High
+24 | [31.41.44.106](https://vuldb.com/?ip.31.41.44.106) | free.cishost.ru | - | High
+25 | [31.41.44.107](https://vuldb.com/?ip.31.41.44.107) | free.cishost.ru | - | High
+26 | [31.41.44.108](https://vuldb.com/?ip.31.41.44.108) | free.cishost.ru | - | High
+27 | [31.41.44.109](https://vuldb.com/?ip.31.41.44.109) | free.cishost.ru | - | High
+28 | [31.41.44.110](https://vuldb.com/?ip.31.41.44.110) | kectis.com | - | High
+29 | [31.41.44.111](https://vuldb.com/?ip.31.41.44.111) | free.cishost.ru | - | High
+30 | [31.41.44.117](https://vuldb.com/?ip.31.41.44.117) | free.cishost.ru | - | High
+31 | [31.41.44.122](https://vuldb.com/?ip.31.41.44.122) | free.cishost.ru | - | High
+32 | [31.41.44.153](https://vuldb.com/?ip.31.41.44.153) | free.cishost.ru | - | High
+33 | [31.41.44.154](https://vuldb.com/?ip.31.41.44.154) | free.cishost.ru | - | High
+34 | [31.41.44.156](https://vuldb.com/?ip.31.41.44.156) | free.cishost.ru | - | High
+35 | [31.41.44.158](https://vuldb.com/?ip.31.41.44.158) | free.cishost.ru | - | High
+36 | [31.41.44.179](https://vuldb.com/?ip.31.41.44.179) | free.cishost.ru | - | High
+37 | [31.41.44.184](https://vuldb.com/?ip.31.41.44.184) | free.cishost.ru | - | High
+38 | [31.41.44.185](https://vuldb.com/?ip.31.41.44.185) | free.cishost.ru | - | High
+39 | [31.148.99.169](https://vuldb.com/?ip.31.148.99.169) | - | - | High
+40 | [31.172.83.231](https://vuldb.com/?ip.31.172.83.231) | good-nm36.ateamlevel.net | - | High
+41 | [31.207.46.10](https://vuldb.com/?ip.31.207.46.10) | xogiante.com | - | High
+42 | [31.207.46.12](https://vuldb.com/?ip.31.207.46.12) | - | - | High
+43 | [31.207.46.125](https://vuldb.com/?ip.31.207.46.125) | - | - | High
+44 | [31.214.157.31](https://vuldb.com/?ip.31.214.157.31) | vm12150.ru | - | High
+45 | [31.214.157.160](https://vuldb.com/?ip.31.214.157.160) | elijah-nascent.specbowel.net | - | High
+46 | [37.10.71.114](https://vuldb.com/?ip.37.10.71.114) | - | - | High
+47 | [37.120.206.70](https://vuldb.com/?ip.37.120.206.70) | - | - | High
+48 | [37.120.206.119](https://vuldb.com/?ip.37.120.206.119) | - | - | High
+49 | [37.120.222.138](https://vuldb.com/?ip.37.120.222.138) | - | - | High
+50 | [37.120.222.178](https://vuldb.com/?ip.37.120.222.178) | - | - | High
+51 | [37.120.222.188](https://vuldb.com/?ip.37.120.222.188) | - | - | High
+52 | [37.120.239.178](https://vuldb.com/?ip.37.120.239.178) | - | - | High
+53 | [45.9.20.245](https://vuldb.com/?ip.45.9.20.245) | - | - | High
+54 | [45.11.180.140](https://vuldb.com/?ip.45.11.180.140) | boab-exchange.stuffbent.net | - | High
+55 | [45.11.180.178](https://vuldb.com/?ip.45.11.180.178) | pleased-process.eitherbar.com | - | High
+56 | [45.11.181.28](https://vuldb.com/?ip.45.11.181.28) | sourengine.com | - | High
+57 | [45.11.181.122](https://vuldb.com/?ip.45.11.181.122) | - | - | High
+58 | [45.11.182.30](https://vuldb.com/?ip.45.11.182.30) | - | - | High
+59 | [45.11.182.165](https://vuldb.com/?ip.45.11.182.165) | - | - | High
+60 | [45.11.182.208](https://vuldb.com/?ip.45.11.182.208) | - | - | High
+61 | [45.11.183.24](https://vuldb.com/?ip.45.11.183.24) | - | - | High
+62 | [45.67.230.16](https://vuldb.com/?ip.45.67.230.16) | vm1300397.stark-industries.solutions | - | High
+63 | [45.89.67.190](https://vuldb.com/?ip.45.89.67.190) | 13ipv6.ok | - | High
+64 | [45.89.189.6](https://vuldb.com/?ip.45.89.189.6) | vds125341.mgnhost.com | - | High
+65 | [45.89.189.7](https://vuldb.com/?ip.45.89.189.7) | vds123455.mgn-host.ru | - | High
+66 | [45.89.230.121](https://vuldb.com/?ip.45.89.230.121) | - | - | High
+67 | [45.90.57.19](https://vuldb.com/?ip.45.90.57.19) | kuzina.val.pserver.ru | - | High
+68 | [45.90.58.37](https://vuldb.com/?ip.45.90.58.37) | vps.hostry.com | - | High
+69 | [45.130.147.89](https://vuldb.com/?ip.45.130.147.89) | lao89.nengtanyun.cn | - | High
+70 | [45.130.151.190](https://vuldb.com/?ip.45.130.151.190) | 526204.msk-kvm.ru | - | High
+71 | [45.130.151.191](https://vuldb.com/?ip.45.130.151.191) | godaddy.com | - | High
+72 | [45.130.151.195](https://vuldb.com/?ip.45.130.151.195) | 533873.msk-kvm.ru | - | High
+73 | [45.130.151.199](https://vuldb.com/?ip.45.130.151.199) | 515904.msk-kvm.ru | - | High
+74 | [45.140.167.95](https://vuldb.com/?ip.45.140.167.95) | - | - | High
+75 | [45.147.200.47](https://vuldb.com/?ip.45.147.200.47) | mail.ofsekck.cn | - | High
+76 | [45.153.230.139](https://vuldb.com/?ip.45.153.230.139) | vm247045.pq.hosting | - | High
+77 | [45.155.249.47](https://vuldb.com/?ip.45.155.249.47) | - | - | High
+78 | [45.155.249.49](https://vuldb.com/?ip.45.155.249.49) | - | - | High
+79 | [45.155.249.65](https://vuldb.com/?ip.45.155.249.65) | - | - | High
+80 | [45.155.249.66](https://vuldb.com/?ip.45.155.249.66) | - | - | High
+81 | [45.155.249.91](https://vuldb.com/?ip.45.155.249.91) | - | - | High
+82 | [45.155.249.94](https://vuldb.com/?ip.45.155.249.94) | - | - | High
+83 | ... | ... | ... | ...

-There are 287 more IOC items available. Please use our online service to access the data.
+There are 330 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -135,7 +145,7 @@ ID | Type | Indicator | Confidence
 15 | File | `/owa/auth/logon.aspx` | High
 16 | ... | ... | ...

-There are 125 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 127 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

@ -146,13 +156,18 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/7c854a125b0d2613bbfcd1fb3664c03c61bc3787ec8bde6be11a2f75692da268/
 * https://bazaar.abuse.ch/sample/41ae907a2bb73794bb2cff40b429e62305847a3e1a95f188b596f1cf925c4547/
 * https://bazaar.abuse.ch/sample/47e870e2d1a123b74c470b0e01ed75ef196c714aeed8739f77ac6e56430dba35/
+* https://bazaar.abuse.ch/sample/85d535a2051a60c54a1f2f43ce8854f51a784e87a7a9a5a337567fe3296d81a6/
 * https://bazaar.abuse.ch/sample/957b7f7039ef6b3c84f374b6b602466cb196e50e477a37e012423b7a9d72aa7f/
+* https://bazaar.abuse.ch/sample/9936eb6847619d6282a4fd83722250b8a760c5431a2ee3a36fc3453565551dde/
 * https://bazaar.abuse.ch/sample/75827be0c600f93d0d23d4b8239f56eb8c7dc4ab6064ad0b79e6695157816988/
+* https://bazaar.abuse.ch/sample/632532e4c584dbacddc365e46d2ce8b219f1f6433ac8dc6d51dc7a29a1a36d35/
+* https://bazaar.abuse.ch/sample/4502918b2eb7a7ff6bc77a2d9878fae3b2389f30124d224ba92958ab13fdf39c/
 * https://bazaar.abuse.ch/sample/7796075f1ef6325830eed5369b7e5930ca514b6f32d304d51434873fcb5031e0/
 * https://bazaar.abuse.ch/sample/988177454fe3a5ba8fcdf7f3124e2c56f312b776542d3763540c254df6fe6f76/
 * https://bazaar.abuse.ch/sample/a5ea92139f59d185548e8f48d1ce65cbf54bf1e3e1930de221091017fd1d4f0a/
 * https://bazaar.abuse.ch/sample/aa4d5569f00d3fed84a25b4a1adcf28e55150e01cd5917082fa9569f774b984e/
 * https://bazaar.abuse.ch/sample/bb426461ef70ffd601cb64a687c62edda066b99a79e49d880918300da5eb6548/
+* https://bazaar.abuse.ch/sample/f4c605914a24351de6ab094e1d87d5a26d5bdaf1fbb5660095e6a4c70ca1b079/
 * https://pastebin.com/raw/8Af7kn8G
 * https://threatfox.abuse.ch
 * https://tria.ge/220420-vbksmaegcr
@ -177,6 +192,8 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://twitter.com/JAMESWT_MHT/status/1639161112405975042
 * https://twitter.com/JAMESWT_MHT/status/1641002609765916672
 * https://twitter.com/luc4m/status/1555095048122949632
+* https://twitter.com/reecdeep/status/1414873034234679296
+* https://twitter.com/reecdeep/status/1414878988103790593
 * https://twitter.com/reecdeep/status/1572167734678654977
 * https://twitter.com/reecdeep/status/1600087607303471105
 * https://twitter.com/reecdeep/status/1610934654726463489
@ -199,6 +216,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://twitter.com/VirITeXplorer/status/1595347501032382464
 * https://www.bridewell.com/insights/news/detail/hunting-for-ursnif
 * https://www.malware-traffic-analysis.net/2023/02/03/index.html
+* https://www.virustotal.com/gui/file/dd8e986f297e66ba273d74617424abd12b38cfd242ee5e4fab670d052c6c2e69/behavior

 ## Literature

--- a/actors/IcedID/README.md
+++ b/actors/IcedID/README.md
@ -9,14 +9,18 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
 The following _campaigns_ are known and can be associated with IcedID:

 * Cobalt Strike
+* Nokoyawa

 ## Countries

 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with IcedID:

-* [CN](https://vuldb.com/?country.cn)
 * [US](https://vuldb.com/?country.us)
-* [GB](https://vuldb.com/?country.gb)
+* [CN](https://vuldb.com/?country.cn)
+* [RU](https://vuldb.com/?country.ru)
+* ...
+
+There are 16 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -24,30 +28,298 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi

 ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
-1 | [5.61.46.161](https://vuldb.com/?ip.5.61.46.161) | - | - | High
-2 | [5.149.252.179](https://vuldb.com/?ip.5.149.252.179) | hnh7.arenal.xyz | - | High
-3 | [31.24.224.12](https://vuldb.com/?ip.31.24.224.12) | 1f18e00c.setaptr.net | - | High
-4 | [31.24.228.170](https://vuldb.com/?ip.31.24.228.170) | 31.24.228.170.static.midphase.com | - | High
-5 | [31.184.199.11](https://vuldb.com/?ip.31.184.199.11) | dalesmanager.com | - | High
-6 | [37.120.222.100](https://vuldb.com/?ip.37.120.222.100) | - | - | High
-7 | [37.252.11.221](https://vuldb.com/?ip.37.252.11.221) | - | - | High
-8 | [45.129.99.241](https://vuldb.com/?ip.45.129.99.241) | 354851-vds-mamozw.gmhost.pp.ua | - | High
-9 | [45.138.172.179](https://vuldb.com/?ip.45.138.172.179) | - | - | High
-10 | [45.147.228.198](https://vuldb.com/?ip.45.147.228.198) | - | - | High
-11 | [45.147.230.82](https://vuldb.com/?ip.45.147.230.82) | - | - | High
-12 | [45.147.230.88](https://vuldb.com/?ip.45.147.230.88) | mailnode7.bulletproof-mail.biz | - | High
-13 | [45.147.231.113](https://vuldb.com/?ip.45.147.231.113) | - | - | High
-14 | [45.153.240.135](https://vuldb.com/?ip.45.153.240.135) | - | - | High
-15 | [45.153.241.115](https://vuldb.com/?ip.45.153.241.115) | - | - | High
-16 | [46.17.98.191](https://vuldb.com/?ip.46.17.98.191) | - | - | High
-17 | [46.249.62.199](https://vuldb.com/?ip.46.249.62.199) | - | - | High
-18 | [51.195.169.87](https://vuldb.com/?ip.51.195.169.87) | ip87.ip-51-195-169.eu | - | High
-19 | [79.141.161.176](https://vuldb.com/?ip.79.141.161.176) | zzs7bp73.copycomdigital.com | - | High
-20 | [79.141.164.241](https://vuldb.com/?ip.79.141.164.241) | x6ts.mtsgamingpro.fun | - | High
-21 | [79.141.166.39](https://vuldb.com/?ip.79.141.166.39) | webimpa.com | - | High
-22 | ... | ... | ... | ...
+1 | [5.2.65.217](https://vuldb.com/?ip.5.2.65.217) | - | - | High
+2 | [5.2.67.119](https://vuldb.com/?ip.5.2.67.119) | - | - | High
+3 | [5.2.70.56](https://vuldb.com/?ip.5.2.70.56) | - | - | High
+4 | [5.2.70.89](https://vuldb.com/?ip.5.2.70.89) | - | - | High
+5 | [5.2.74.83](https://vuldb.com/?ip.5.2.74.83) | - | - | High
+6 | [5.2.75.126](https://vuldb.com/?ip.5.2.75.126) | - | - | High
+7 | [5.2.75.189](https://vuldb.com/?ip.5.2.75.189) | - | - | High
+8 | [5.2.76.156](https://vuldb.com/?ip.5.2.76.156) | - | - | High
+9 | [5.2.77.232](https://vuldb.com/?ip.5.2.77.232) | - | - | High
+10 | [5.2.78.150](https://vuldb.com/?ip.5.2.78.150) | - | - | High
+11 | [5.2.79.7](https://vuldb.com/?ip.5.2.79.7) | - | - | High
+12 | [5.2.79.218](https://vuldb.com/?ip.5.2.79.218) | - | - | High
+13 | [5.34.180.162](https://vuldb.com/?ip.5.34.180.162) | - | - | High
+14 | [5.34.181.34](https://vuldb.com/?ip.5.34.181.34) | vds-842965.hosted-by-itldc.com | - | High
+15 | [5.34.181.44](https://vuldb.com/?ip.5.34.181.44) | vds-950771.hosted-by-itldc.com | - | High
+16 | [5.39.63.101](https://vuldb.com/?ip.5.39.63.101) | - | - | High
+17 | [5.39.63.102](https://vuldb.com/?ip.5.39.63.102) | - | - | High
+18 | [5.39.222.193](https://vuldb.com/?ip.5.39.222.193) | - | - | High
+19 | [5.39.223.131](https://vuldb.com/?ip.5.39.223.131) | - | - | High
+20 | [5.39.223.134](https://vuldb.com/?ip.5.39.223.134) | - | - | High
+21 | [5.61.32.172](https://vuldb.com/?ip.5.61.32.172) | - | - | High
+22 | [5.61.34.133](https://vuldb.com/?ip.5.61.34.133) | mta3.mailup.ru | - | High
+23 | [5.61.34.153](https://vuldb.com/?ip.5.61.34.153) | - | - | High
+24 | [5.61.36.120](https://vuldb.com/?ip.5.61.36.120) | - | - | High
+25 | [5.61.36.180](https://vuldb.com/?ip.5.61.36.180) | - | - | High
+26 | [5.61.37.89](https://vuldb.com/?ip.5.61.37.89) | mailer.ampm.casino | - | High
+27 | [5.61.37.224](https://vuldb.com/?ip.5.61.37.224) | - | - | High
+28 | [5.61.40.78](https://vuldb.com/?ip.5.61.40.78) | - | - | High
+29 | [5.61.42.115](https://vuldb.com/?ip.5.61.42.115) | 0.0.0.0 | - | High
+30 | [5.61.42.123](https://vuldb.com/?ip.5.61.42.123) | stirok.ru | - | High
+31 | [5.61.42.128](https://vuldb.com/?ip.5.61.42.128) | - | - | High
+32 | [5.61.43.172](https://vuldb.com/?ip.5.61.43.172) | - | - | High
+33 | [5.61.43.191](https://vuldb.com/?ip.5.61.43.191) | b3.bareandblushy.com | - | High
+34 | [5.61.44.146](https://vuldb.com/?ip.5.61.44.146) | - | - | High
+35 | [5.61.44.218](https://vuldb.com/?ip.5.61.44.218) | - | - | High
+36 | [5.61.44.234](https://vuldb.com/?ip.5.61.44.234) | - | - | High
+37 | [5.61.45.179](https://vuldb.com/?ip.5.61.45.179) | - | - | High
+38 | [5.61.46.161](https://vuldb.com/?ip.5.61.46.161) | - | - | High
+39 | [5.61.46.164](https://vuldb.com/?ip.5.61.46.164) | - | - | High
+40 | [5.135.255.246](https://vuldb.com/?ip.5.135.255.246) | - | - | High
+41 | [5.144.132.47](https://vuldb.com/?ip.5.144.132.47) | 47-132-144-5.static.hostiran.name | - | High
+42 | [5.149.252.179](https://vuldb.com/?ip.5.149.252.179) | hnh7.arenal.xyz | - | High
+43 | [5.181.27.192](https://vuldb.com/?ip.5.181.27.192) | gcl-lon.com | - | High
+44 | [5.181.80.213](https://vuldb.com/?ip.5.181.80.213) | ip-80-213-bullethost.net | - | High
+45 | [5.181.80.215](https://vuldb.com/?ip.5.181.80.215) | anelpones.xyz | - | High
+46 | [5.181.80.218](https://vuldb.com/?ip.5.181.80.218) | ip-80-218-bullethost.net | - | High
+47 | [5.188.0.52](https://vuldb.com/?ip.5.188.0.52) | saycain.example.com | - | High
+48 | [5.188.93.137](https://vuldb.com/?ip.5.188.93.137) | free.ds | - | High
+49 | [5.196.103.145](https://vuldb.com/?ip.5.196.103.145) | - | - | High
+50 | [5.196.196.251](https://vuldb.com/?ip.5.196.196.251) | - | - | High
+51 | [5.196.196.252](https://vuldb.com/?ip.5.196.196.252) | - | - | High
+52 | [5.199.162.56](https://vuldb.com/?ip.5.199.162.56) | - | - | High
+53 | [5.199.162.81](https://vuldb.com/?ip.5.199.162.81) | - | - | High
+54 | [5.199.162.123](https://vuldb.com/?ip.5.199.162.123) | - | - | High
+55 | [5.199.162.162](https://vuldb.com/?ip.5.199.162.162) | - | - | High
+56 | [5.199.162.166](https://vuldb.com/?ip.5.199.162.166) | - | - | High
+57 | [5.199.162.174](https://vuldb.com/?ip.5.199.162.174) | - | - | High
+58 | [5.199.162.235](https://vuldb.com/?ip.5.199.162.235) | - | - | High
+59 | [5.199.168.14](https://vuldb.com/?ip.5.199.168.14) | - | - | High
+60 | [5.199.168.24](https://vuldb.com/?ip.5.199.168.24) | - | - | High
+61 | [5.199.168.34](https://vuldb.com/?ip.5.199.168.34) | - | - | High
+62 | [5.199.168.125](https://vuldb.com/?ip.5.199.168.125) | - | - | High
+63 | [5.199.168.213](https://vuldb.com/?ip.5.199.168.213) | - | - | High
+64 | [5.199.168.214](https://vuldb.com/?ip.5.199.168.214) | - | - | High
+65 | [5.199.168.255](https://vuldb.com/?ip.5.199.168.255) | - | - | High
+66 | [5.199.173.20](https://vuldb.com/?ip.5.199.173.20) | - | - | High
+67 | [5.199.173.24](https://vuldb.com/?ip.5.199.173.24) | - | - | High
+68 | [5.199.173.27](https://vuldb.com/?ip.5.199.173.27) | - | - | High
+69 | [5.199.173.29](https://vuldb.com/?ip.5.199.173.29) | - | - | High
+70 | [5.199.173.51](https://vuldb.com/?ip.5.199.173.51) | - | - | High
+71 | [5.199.173.107](https://vuldb.com/?ip.5.199.173.107) | - | - | High
+72 | [5.199.173.120](https://vuldb.com/?ip.5.199.173.120) | - | - | High
+73 | [5.199.173.141](https://vuldb.com/?ip.5.199.173.141) | - | - | High
+74 | [5.199.173.150](https://vuldb.com/?ip.5.199.173.150) | - | - | High
+75 | [5.199.173.162](https://vuldb.com/?ip.5.199.173.162) | - | - | High
+76 | [5.199.173.173](https://vuldb.com/?ip.5.199.173.173) | - | - | High
+77 | [5.199.173.210](https://vuldb.com/?ip.5.199.173.210) | - | - | High
+78 | [5.199.173.217](https://vuldb.com/?ip.5.199.173.217) | - | - | High
+79 | [5.199.173.233](https://vuldb.com/?ip.5.199.173.233) | - | - | High
+80 | [5.199.173.234](https://vuldb.com/?ip.5.199.173.234) | - | - | High
+81 | [5.199.174.189](https://vuldb.com/?ip.5.199.174.189) | - | - | High
+82 | [5.199.174.232](https://vuldb.com/?ip.5.199.174.232) | - | - | High
+83 | [5.199.174.234](https://vuldb.com/?ip.5.199.174.234) | - | - | High
+84 | [5.206.224.50](https://vuldb.com/?ip.5.206.224.50) | ko.pro | - | High
+85 | [5.206.224.239](https://vuldb.com/?ip.5.206.224.239) | aqualisbra.com | - | High
+86 | [5.206.227.5](https://vuldb.com/?ip.5.206.227.5) | jiojoip.com | - | High
+87 | [5.230.57.30](https://vuldb.com/?ip.5.230.57.30) | - | - | High
+88 | [5.230.57.194](https://vuldb.com/?ip.5.230.57.194) | - | - | High
+89 | [5.230.66.157](https://vuldb.com/?ip.5.230.66.157) | - | - | High
+90 | [5.230.67.128](https://vuldb.com/?ip.5.230.67.128) | placeholder.noezserver.de | - | High
+91 | [5.230.67.227](https://vuldb.com/?ip.5.230.67.227) | placeholder.noezserver.de | - | High
+92 | [5.230.68.22](https://vuldb.com/?ip.5.230.68.22) | pleasantly.autocraftz.biz | - | High
+93 | [5.230.68.48](https://vuldb.com/?ip.5.230.68.48) | ounahiskills.co.uk | - | High
+94 | [5.230.68.66](https://vuldb.com/?ip.5.230.68.66) | fracturedprunesurfcitync.com | - | High
+95 | [5.230.68.163](https://vuldb.com/?ip.5.230.68.163) | placeholder.noezserver.de | - | High
+96 | [5.230.70.43](https://vuldb.com/?ip.5.230.70.43) | placeholder.noezserver.de | - | High
+97 | [5.230.70.57](https://vuldb.com/?ip.5.230.70.57) | placeholder.noezserver.de | - | High
+98 | [5.230.70.135](https://vuldb.com/?ip.5.230.70.135) | placeholder.noezserver.de | - | High
+99 | [5.230.70.140](https://vuldb.com/?ip.5.230.70.140) | placeholder.noezserver.de | - | High
+100 | [5.230.70.146](https://vuldb.com/?ip.5.230.70.146) | placeholder.noezserver.de | - | High
+101 | [5.230.71.72](https://vuldb.com/?ip.5.230.71.72) | placeholder.noezserver.de | - | High
+102 | [5.230.72.37](https://vuldb.com/?ip.5.230.72.37) | placeholder.noezserver.de | - | High
+103 | [5.230.72.131](https://vuldb.com/?ip.5.230.72.131) | placeholder.noezserver.de | - | High
+104 | [5.230.72.158](https://vuldb.com/?ip.5.230.72.158) | placeholder.noezserver.de | - | High
+105 | [5.230.73.61](https://vuldb.com/?ip.5.230.73.61) | placeholder.noezserver.de | - | High
+106 | [5.230.73.139](https://vuldb.com/?ip.5.230.73.139) | - | - | High
+107 | [5.230.73.157](https://vuldb.com/?ip.5.230.73.157) | - | - | High
+108 | [5.230.73.172](https://vuldb.com/?ip.5.230.73.172) | - | - | High
+109 | [5.230.73.200](https://vuldb.com/?ip.5.230.73.200) | placeholder.noezserver.de | - | High
+110 | [5.230.73.244](https://vuldb.com/?ip.5.230.73.244) | placeholder.noezserver.de | - | High
+111 | [5.230.74.71](https://vuldb.com/?ip.5.230.74.71) | - | - | High
+112 | [5.230.74.153](https://vuldb.com/?ip.5.230.74.153) | placeholder.noezserver.de | - | High
+113 | [5.230.74.202](https://vuldb.com/?ip.5.230.74.202) | - | - | High
+114 | [5.230.74.203](https://vuldb.com/?ip.5.230.74.203) | - | - | High
+115 | [5.230.74.223](https://vuldb.com/?ip.5.230.74.223) | placeholder.noezserver.de | - | High
+116 | [5.230.74.242](https://vuldb.com/?ip.5.230.74.242) | - | - | High
+117 | [5.230.75.11](https://vuldb.com/?ip.5.230.75.11) | - | - | High
+118 | [5.230.75.134](https://vuldb.com/?ip.5.230.75.134) | placeholder.noezserver.de | - | High
+119 | [5.230.75.188](https://vuldb.com/?ip.5.230.75.188) | - | - | High
+120 | [5.230.75.247](https://vuldb.com/?ip.5.230.75.247) | ma247.manidatravel.com | - | High
+121 | [5.230.76.44](https://vuldb.com/?ip.5.230.76.44) | - | - | High
+122 | [5.230.76.198](https://vuldb.com/?ip.5.230.76.198) | - | - | High
+123 | [5.230.78.208](https://vuldb.com/?ip.5.230.78.208) | - | - | High
+124 | [5.252.23.141](https://vuldb.com/?ip.5.252.23.141) | mail.exclusive-meetingg.com | - | High
+125 | [5.252.177.10](https://vuldb.com/?ip.5.252.177.10) | no-rdns.mivocloud.com | - | High
+126 | [5.252.177.13](https://vuldb.com/?ip.5.252.177.13) | no-rdns.mivocloud.com | - | High
+127 | [5.252.177.59](https://vuldb.com/?ip.5.252.177.59) | no-rdns.mivocloud.com | - | High
+128 | [5.252.177.65](https://vuldb.com/?ip.5.252.177.65) | no-rdns.mivocloud.com | - | High
+129 | [5.252.177.103](https://vuldb.com/?ip.5.252.177.103) | no-rdns.mivocloud.com | - | High
+130 | [5.252.177.106](https://vuldb.com/?ip.5.252.177.106) | bestsevenreviews.com | - | High
+131 | [5.252.177.107](https://vuldb.com/?ip.5.252.177.107) | no-rdns.mivocloud.com | - | High
+132 | [5.252.177.233](https://vuldb.com/?ip.5.252.177.233) | 5-252-177-233.mivocloud.com | - | High
+133 | [5.252.178.142](https://vuldb.com/?ip.5.252.178.142) | no-rdns.mivocloud.com | - | High
+134 | [5.255.98.126](https://vuldb.com/?ip.5.255.98.126) | - | - | High
+135 | [5.255.99.51](https://vuldb.com/?ip.5.255.99.51) | - | - | High
+136 | [5.255.99.108](https://vuldb.com/?ip.5.255.99.108) | - | - | High
+137 | [5.255.100.8](https://vuldb.com/?ip.5.255.100.8) | - | - | High
+138 | [5.255.100.32](https://vuldb.com/?ip.5.255.100.32) | - | - | High
+139 | [5.255.100.55](https://vuldb.com/?ip.5.255.100.55) | - | - | High
+140 | [5.255.100.65](https://vuldb.com/?ip.5.255.100.65) | - | - | High
+141 | [5.255.100.207](https://vuldb.com/?ip.5.255.100.207) | chronostech.io | - | High
+142 | [5.255.100.250](https://vuldb.com/?ip.5.255.100.250) | - | - | High
+143 | [5.255.101.31](https://vuldb.com/?ip.5.255.101.31) | - | - | High
+144 | [5.255.101.68](https://vuldb.com/?ip.5.255.101.68) | - | - | High
+145 | [5.255.102.88](https://vuldb.com/?ip.5.255.102.88) | - | - | High
+146 | [5.255.102.167](https://vuldb.com/?ip.5.255.102.167) | - | - | High
+147 | [5.255.103.75](https://vuldb.com/?ip.5.255.103.75) | - | - | High
+148 | [5.255.103.108](https://vuldb.com/?ip.5.255.103.108) | - | - | High
+149 | [5.255.103.144](https://vuldb.com/?ip.5.255.103.144) | - | - | High
+150 | [5.255.103.245](https://vuldb.com/?ip.5.255.103.245) | - | - | High
+151 | [5.255.104.11](https://vuldb.com/?ip.5.255.104.11) | - | - | High
+152 | [5.255.104.22](https://vuldb.com/?ip.5.255.104.22) | - | - | High
+153 | [5.255.104.45](https://vuldb.com/?ip.5.255.104.45) | - | - | High
+154 | [5.255.104.52](https://vuldb.com/?ip.5.255.104.52) | - | - | High
+155 | [5.255.104.93](https://vuldb.com/?ip.5.255.104.93) | - | - | High
+156 | [5.255.104.97](https://vuldb.com/?ip.5.255.104.97) | - | - | High
+157 | [5.255.104.113](https://vuldb.com/?ip.5.255.104.113) | - | - | High
+158 | [5.255.104.120](https://vuldb.com/?ip.5.255.104.120) | - | - | High
+159 | [5.255.104.130](https://vuldb.com/?ip.5.255.104.130) | - | - | High
+160 | [5.255.104.143](https://vuldb.com/?ip.5.255.104.143) | - | - | High
+161 | [5.255.104.145](https://vuldb.com/?ip.5.255.104.145) | - | - | High
+162 | [5.255.104.153](https://vuldb.com/?ip.5.255.104.153) | - | - | High
+163 | [5.255.104.184](https://vuldb.com/?ip.5.255.104.184) | - | - | High
+164 | [5.255.104.220](https://vuldb.com/?ip.5.255.104.220) | - | - | High
+165 | [5.255.104.233](https://vuldb.com/?ip.5.255.104.233) | - | - | High
+166 | [5.255.105.55](https://vuldb.com/?ip.5.255.105.55) | - | - | High
+167 | [5.255.105.239](https://vuldb.com/?ip.5.255.105.239) | - | - | High
+168 | [5.255.106.72](https://vuldb.com/?ip.5.255.106.72) | - | - | High
+169 | [5.255.106.78](https://vuldb.com/?ip.5.255.106.78) | smtp.gespollas.com | - | High
+170 | [5.255.106.136](https://vuldb.com/?ip.5.255.106.136) | - | - | High
+171 | [5.255.106.240](https://vuldb.com/?ip.5.255.106.240) | - | - | High
+172 | [5.255.107.149](https://vuldb.com/?ip.5.255.107.149) | - | - | High
+173 | [5.255.109.46](https://vuldb.com/?ip.5.255.109.46) | - | - | High
+174 | [5.255.109.175](https://vuldb.com/?ip.5.255.109.175) | - | - | High
+175 | [5.255.110.177](https://vuldb.com/?ip.5.255.110.177) | - | - | High
+176 | [5.255.111.220](https://vuldb.com/?ip.5.255.111.220) | - | - | High
+177 | [5.255.113.157](https://vuldb.com/?ip.5.255.113.157) | - | - | High
+178 | [5.255.119.21](https://vuldb.com/?ip.5.255.119.21) | - | - | High
+179 | [5.255.120.33](https://vuldb.com/?ip.5.255.120.33) | - | - | High
+180 | [6.43.51.17](https://vuldb.com/?ip.6.43.51.17) | - | - | High
+181 | [8.39.147.62](https://vuldb.com/?ip.8.39.147.62) | vyc1.achlycole.org.uk | - | High
+182 | [23.82.128.186](https://vuldb.com/?ip.23.82.128.186) | - | - | High
+183 | [23.82.128.215](https://vuldb.com/?ip.23.82.128.215) | - | - | High
+184 | [23.88.35.240](https://vuldb.com/?ip.23.88.35.240) | static.240.35.88.23.clients.your-server.de | - | High
+185 | [23.106.124.26](https://vuldb.com/?ip.23.106.124.26) | - | - | High
+186 | [23.106.124.168](https://vuldb.com/?ip.23.106.124.168) | - | - | High
+187 | [23.106.124.181](https://vuldb.com/?ip.23.106.124.181) | - | - | High
+188 | [23.106.215.93](https://vuldb.com/?ip.23.106.215.93) | - | - | High
+189 | [23.160.193.140](https://vuldb.com/?ip.23.160.193.140) | unknown.ip-xfer.net | - | High
+190 | [23.227.202.165](https://vuldb.com/?ip.23.227.202.165) | 23-227-202-165.static.hvvc.us | - | High
+191 | [23.227.203.131](https://vuldb.com/?ip.23.227.203.131) | 23-227-203-131.static.hvvc.us | - | High
+192 | [23.227.206.161](https://vuldb.com/?ip.23.227.206.161) | 23-227-206-161.static.hvvc.us | - | High
+193 | [23.227.206.195](https://vuldb.com/?ip.23.227.206.195) | 23-227-206-195.static.hvvc.us | - | High
+194 | [23.254.202.234](https://vuldb.com/?ip.23.254.202.234) | hwsrv-1055605.hostwindsdns.com | - | High
+195 | [23.254.211.137](https://vuldb.com/?ip.23.254.211.137) | hwsrv-1045976.hostwindsdns.com | - | High
+196 | [23.254.224.115](https://vuldb.com/?ip.23.254.224.115) | hwsrv-1031288.hostwindsdns.com | - | High
+197 | [23.254.224.148](https://vuldb.com/?ip.23.254.224.148) | client-23-254-224-148.hostwindsdns.com | - | High
+198 | [23.254.226.152](https://vuldb.com/?ip.23.254.226.152) | hwsrv-1069457.hostwindsdns.com | - | High
+199 | [23.254.229.208](https://vuldb.com/?ip.23.254.229.208) | hwsrv-1015537.hostwindsdns.com | - | High
+200 | [23.254.253.106](https://vuldb.com/?ip.23.254.253.106) | WIN-KP9WSUDC4N.com | - | High
+201 | [31.13.195.119](https://vuldb.com/?ip.31.13.195.119) | sm.cfconsult.net | - | High
+202 | [31.13.195.127](https://vuldb.com/?ip.31.13.195.127) | - | - | High
+203 | [31.24.224.12](https://vuldb.com/?ip.31.24.224.12) | 1f18e00c.setaptr.net | - | High
+204 | [31.24.228.170](https://vuldb.com/?ip.31.24.228.170) | 31.24.228.170.static.midphase.com | - | High
+205 | [31.184.199.11](https://vuldb.com/?ip.31.184.199.11) | dalesmanager.com | - | High
+206 | [37.1.192.40](https://vuldb.com/?ip.37.1.192.40) | - | - | High
+207 | [37.1.193.136](https://vuldb.com/?ip.37.1.193.136) | webcomdition.com | - | High
+208 | [37.1.195.84](https://vuldb.com/?ip.37.1.195.84) | - | - | High
+209 | [37.1.195.238](https://vuldb.com/?ip.37.1.195.238) | autoreflash.com | - | High
+210 | [37.1.205.217](https://vuldb.com/?ip.37.1.205.217) | - | - | High
+211 | [37.1.208.48](https://vuldb.com/?ip.37.1.208.48) | reveltip.com | - | High
+212 | [37.1.213.234](https://vuldb.com/?ip.37.1.213.234) | - | - | High
+213 | [37.1.221.209](https://vuldb.com/?ip.37.1.221.209) | - | - | High
+214 | [37.46.129.17](https://vuldb.com/?ip.37.46.129.17) | info50.fvds.ru | - | High
+215 | [37.61.229.95](https://vuldb.com/?ip.37.61.229.95) | zeno.igorclark.net | - | High
+216 | [37.120.222.100](https://vuldb.com/?ip.37.120.222.100) | - | - | High
+217 | [37.221.115.12](https://vuldb.com/?ip.37.221.115.12) | - | - | High
+218 | [37.235.55.75](https://vuldb.com/?ip.37.235.55.75) | 75.55.235.37.in-addr.arpa | - | High
+219 | [37.235.55.103](https://vuldb.com/?ip.37.235.55.103) | 103.55.235.37.in-addr.arpa | - | High
+220 | [37.235.56.30](https://vuldb.com/?ip.37.235.56.30) | 30.56.235.37.in-addr.arpa | - | High
+221 | [37.235.56.37](https://vuldb.com/?ip.37.235.56.37) | 37.56.235.37.in-addr.arpa | - | High
+222 | [37.235.56.94](https://vuldb.com/?ip.37.235.56.94) | 94.56.235.37.in-addr.arpa | - | High
+223 | [37.235.56.185](https://vuldb.com/?ip.37.235.56.185) | 185.56.235.37.in-addr.arpa | - | High
+224 | [37.252.5.228](https://vuldb.com/?ip.37.252.5.228) | - | - | High
+225 | [37.252.6.77](https://vuldb.com/?ip.37.252.6.77) | - | - | High
+226 | [37.252.10.231](https://vuldb.com/?ip.37.252.10.231) | - | - | High
+227 | [37.252.11.170](https://vuldb.com/?ip.37.252.11.170) | - | - | High
+228 | [37.252.11.221](https://vuldb.com/?ip.37.252.11.221) | - | - | High
+229 | [38.180.0.89](https://vuldb.com/?ip.38.180.0.89) | - | - | High
+230 | [38.180.8.107](https://vuldb.com/?ip.38.180.8.107) | - | - | High
+231 | [38.180.8.169](https://vuldb.com/?ip.38.180.8.169) | - | - | High
+232 | [45.11.19.121](https://vuldb.com/?ip.45.11.19.121) | - | - | High
+233 | [45.11.19.168](https://vuldb.com/?ip.45.11.19.168) | - | - | High
+234 | [45.12.109.136](https://vuldb.com/?ip.45.12.109.136) | kemp.strongwallsys.com | - | High
+235 | [45.12.109.195](https://vuldb.com/?ip.45.12.109.195) | ryan.earthbroadcasting.com | - | High
+236 | [45.12.109.221](https://vuldb.com/?ip.45.12.109.221) | weaver.earthbroadcasting.com | - | High
+237 | [45.12.139.90](https://vuldb.com/?ip.45.12.139.90) | - | - | High
+238 | [45.15.161.254](https://vuldb.com/?ip.45.15.161.254) | - | - | High
+239 | [45.41.204.5](https://vuldb.com/?ip.45.41.204.5) | fastshipus.xyz | - | High
+240 | [45.55.42.13](https://vuldb.com/?ip.45.55.42.13) | - | - | High
+241 | [45.55.53.206](https://vuldb.com/?ip.45.55.53.206) | - | - | High
+242 | [45.55.56.244](https://vuldb.com/?ip.45.55.56.244) | - | - | High
+243 | [45.61.136.6](https://vuldb.com/?ip.45.61.136.6) | - | - | High
+244 | [45.61.136.193](https://vuldb.com/?ip.45.61.136.193) | - | - | High
+245 | [45.61.137.159](https://vuldb.com/?ip.45.61.137.159) | - | - | High
+246 | [45.61.137.220](https://vuldb.com/?ip.45.61.137.220) | svenska.re | - | High
+247 | [45.61.138.171](https://vuldb.com/?ip.45.61.138.171) | - | - | High
+248 | [45.61.138.175](https://vuldb.com/?ip.45.61.138.175) | - | - | High
+249 | [45.61.138.181](https://vuldb.com/?ip.45.61.138.181) | - | - | High
+250 | [45.61.138.227](https://vuldb.com/?ip.45.61.138.227) | - | - | High
+251 | [45.61.139.138](https://vuldb.com/?ip.45.61.139.138) | - | - | High
+252 | [45.61.139.144](https://vuldb.com/?ip.45.61.139.144) | - | - | High
+253 | [45.61.139.179](https://vuldb.com/?ip.45.61.139.179) | - | - | High
+254 | [45.61.139.235](https://vuldb.com/?ip.45.61.139.235) | - | - | High
+255 | [45.61.139.243](https://vuldb.com/?ip.45.61.139.243) | - | - | High
+256 | [45.66.248.7](https://vuldb.com/?ip.45.66.248.7) | mta0.burjeela.gq | - | High
+257 | [45.66.248.37](https://vuldb.com/?ip.45.66.248.37) | mta0.quarrantinereport-center.gq | - | High
+258 | [45.66.248.69](https://vuldb.com/?ip.45.66.248.69) | outbound5.imaille.com | - | High
+259 | [45.66.248.71](https://vuldb.com/?ip.45.66.248.71) | - | - | High
+260 | [45.66.248.79](https://vuldb.com/?ip.45.66.248.79) | mta0.coldspikes.autos | - | High
+261 | [45.66.248.119](https://vuldb.com/?ip.45.66.248.119) | finixdeal.com | Nokoyawa | High
+262 | [45.66.248.148](https://vuldb.com/?ip.45.66.248.148) | QuanTs.defaultproduct.com | - | High
+263 | [45.66.248.244](https://vuldb.com/?ip.45.66.248.244) | mta0.axminster-carpets.cf | - | High
+264 | [45.66.249.26](https://vuldb.com/?ip.45.66.249.26) | 8axj5rsx1e.marketingforbreweries.com | - | High
+265 | [45.66.249.221](https://vuldb.com/?ip.45.66.249.221) | mta0.lizengeneering.com | - | High
+266 | [45.67.231.235](https://vuldb.com/?ip.45.67.231.235) | am-tun2.warwish.pro | - | High
+267 | [45.82.247.87](https://vuldb.com/?ip.45.82.247.87) | - | - | High
+268 | [45.82.247.121](https://vuldb.com/?ip.45.82.247.121) | - | - | High
+269 | [45.82.247.148](https://vuldb.com/?ip.45.82.247.148) | prostatehealth.click | - | High
+270 | [45.82.251.34](https://vuldb.com/?ip.45.82.251.34) | - | - | High
+271 | [45.82.251.36](https://vuldb.com/?ip.45.82.251.36) | - | - | High
+272 | [45.82.251.44](https://vuldb.com/?ip.45.82.251.44) | - | - | High
+273 | [45.86.229.46](https://vuldb.com/?ip.45.86.229.46) | - | - | High
+274 | [45.86.229.94](https://vuldb.com/?ip.45.86.229.94) | - | - | High
+275 | [45.86.229.105](https://vuldb.com/?ip.45.86.229.105) | 1lf7cf33e.northernstarmarketing.com | - | High
+276 | [45.86.229.180](https://vuldb.com/?ip.45.86.229.180) | - | - | High
+277 | [45.86.229.253](https://vuldb.com/?ip.45.86.229.253) | 32l.edUcated-352.insuranceforourfamily.com | - | High
+278 | [45.86.230.43](https://vuldb.com/?ip.45.86.230.43) | google.com | - | High
+279 | [45.86.230.141](https://vuldb.com/?ip.45.86.230.141) | mta0.ungho.cf | - | High
+280 | [45.86.230.149](https://vuldb.com/?ip.45.86.230.149) | - | - | High
+281 | [45.86.230.181](https://vuldb.com/?ip.45.86.230.181) | - | - | High
+282 | [45.86.231.210](https://vuldb.com/?ip.45.86.231.210) | - | - | High
+283 | [45.87.154.181](https://vuldb.com/?ip.45.87.154.181) | vm.solutions | - | High
+284 | [45.88.221.211](https://vuldb.com/?ip.45.88.221.211) | - | - | High
+285 | [45.89.98.138](https://vuldb.com/?ip.45.89.98.138) | ruiz.thegamersnet.com | - | High
+286 | [45.89.107.120](https://vuldb.com/?ip.45.89.107.120) | d120.lifedigitz.com | - | High
+287 | [45.92.162.84](https://vuldb.com/?ip.45.92.162.84) | butler.egnerarch.com | - | High
+288 | [45.92.163.123](https://vuldb.com/?ip.45.92.163.123) | vars-long-kks.currishfine.com | - | High
+289 | [45.92.163.233](https://vuldb.com/?ip.45.92.163.233) | landing-messy.samewaged.com | - | High
+290 | ... | ... | ... | ...

-There are 83 more IOC items available. Please use our online service to access the data.
+There are 1154 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -55,12 +327,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-22 | Pathname Traversal | High
-2 | T1055 | CWE-74 | Injection | High
-3 | T1059 | CWE-94 | Cross Site Scripting | High
-4 | ... | ... | ... | ...
+1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
+2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
+3 | T1055 | CWE-74 | Injection | High
+4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
+5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+6 | ... | ... | ... | ...

-There are 14 more TTP items available. Please use our online service to access the data.
+There are 21 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -68,22 +342,65 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic

 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `/admin.php?&m=Public&a=login` | High
-2 | File | `/api/` | Low
-3 | File | `/config/getuser` | High
-4 | File | `/management/api/rcx_management/global_config_query` | High
-5 | File | `/setSystemAdmin` | High
-6 | ... | ... | ...
+1 | File | `//proc/kcore` | Medium
+2 | File | `/admin.php/Admin/adminadd.html` | High
+3 | File | `/Admin/add-student.php` | High
+4 | File | `/admin/addemployee.php` | High
+5 | File | `/admin/maintenance/view_designation.php` | High
+6 | File | `/admin/settings/save.php` | High
+7 | File | `/admin/userprofile.php` | High
+8 | File | `/api/` | Low
+9 | File | `/api/RecordingList/DownloadRecord?file=` | High
+10 | File | `/api/sys_username_passwd.cmd` | High
+11 | File | `/apply.cgi` | Medium
+12 | File | `/card_scan.php` | High
+13 | File | `/cgi-bin/wlogin.cgi` | High
+14 | File | `/College/admin/teacher.php` | High
+15 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
+16 | File | `/cwc/login` | Medium
+17 | File | `/dcim/rack-roles/` | High
+18 | File | `/debug/pprof` | Medium
+19 | File | `/etc/quagga` | Medium
+20 | File | `/forms/doLogin` | High
+21 | File | `/forum/away.php` | High
+22 | File | `/goform/addUserName` | High
+23 | File | `/goform/aspForm` | High
+24 | File | `/goform/delAd` | High
+25 | File | `/goform/wifiSSIDset` | High
+26 | File | `/gpac/src/bifs/unquantize.c` | High
+27 | File | `/h/calendar` | Medium
+28 | File | `/inc/topBarNav.php` | High
+29 | File | `/index.asp` | Medium
+30 | File | `/index.php` | Medium
+31 | File | `/jfinal_cms/system/role/list` | High
+32 | File | `/kelas/data` | Medium
+33 | File | `/management/api/rcx_management/global_config_query` | High
+34 | File | `/members/view_member.php` | High
+35 | File | `/mkshop/Men/profile.php` | High
+36 | File | `/Moosikay/order.php` | High
+37 | File | `/nova/bin/console` | High
+38 | File | `/nova/bin/detnet` | High
+39 | File | `/out.php` | Medium
+40 | File | `/owa/auth/logon.aspx` | High
+41 | File | `/php-sms/admin/quotes/manage_remark.php` | High
+42 | ... | ... | ...

-There are 40 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 359 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

 The following list contains _external sources_ which discuss the actor and the associated activities:

+* https://bazaar.abuse.ch/sample/38b742be48b426b5c89408092fb6ebdd93eefcb584b131abd9c7e3561641c3f1/
+* https://blog.malwarebytes.com/threat-analysis/2019/12/new-version-of-icedid-trojan-uses-steganographic-payloads/
 * https://blog.talosintelligence.com/2018/04/icedid-banking-trojan.html
 * https://cert.gov.ua/article/39609
+* https://gist.githubusercontent.com/myrtus0x0/0fb09259ac2b63e86200f844e1b90bb1/raw/dc6b5bafaa1ac0a50834a3d7ade19ff07eb6ddbd/IcedID_07_20_2021.txt
+* https://gist.githubusercontent.com/myrtus0x0/4bb17522271df974a6285b42214c4622/raw/e6d13ab2a0e4d789a0d19d693e9f5fc4828da553/IcedID_07_02_2021.txt
+* https://gist.githubusercontent.com/myrtus0x0/45231dd1cbb0c3673bce9a3995f19322/raw/b6d8ebfced321c338714b4e14d4271803d4fe098/IcedID_07_28_2021.txt
+* https://gist.githubusercontent.com/myrtus0x0/e8b191faa086c9b05e3978c3836fca51/raw/4550a14e8f883b81a10cbedf29782f75f138c414/IcedID_06_07_2021.txt
 * https://github.com/A-dd-Y/secops/blob/main/MalwareIOC/mwdb-icedid-c2.txt
+* https://isc.sans.edu/diary/28974
 * https://isc.sans.edu/diary/Google+ads+lead+to+fake+software+pages+pushing+IcedID+Bokbot/29344
 * https://isc.sans.edu/forums/diary/Analysis+from+March+2021+Traffic+Analysis+Quiz/27232/
 * https://isc.sans.edu/forums/diary/Emotet+infection+with+IcedID+banking+Trojan/24312/
@ -93,10 +410,27 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://isc.sans.edu/forums/diary/Malspam+with+passwordprotected+word+docs+still+pushing+IcedID+Bokbot+with+Trickbot/24708/
 * https://isc.sans.edu/forums/diary/Microsoft+Word+document+with+malicious+macro+pushes+IcedID+Bokbot/26146/
 * https://isc.sans.edu/forums/diary/One+Emotet+infection+leads+to+three+followup+malware+infections/24140/
+* https://raw.githubusercontent.com/pan-unit42/tweets/master/2021-03-24-IOCs-for-IcedID-infection-with-Cobalt-Strike.txt
+* https://raw.githubusercontent.com/pan-unit42/tweets/master/2022-08-29-IOCs-for-Monster-Libra-TA551-IcedID-with-Cobalt-Stike.txt
 * https://research.checkpoint.com/2021/melting-ice-tracking-icedid-servers-with-a-few-simple-steps/
+* https://sandnet.abuse.ch/report/5d9c2b17f30765462ff5e3eaa0931885/
 * https://thedfirreport.com/2021/07/19/icedid-and-cobalt-strike-vs-antivirus/
 * https://thedfirreport.com/2021/10/18/icedid-to-xinglocker-ransomware-in-24-hours/
+* https://thedfirreport.com/2023/05/22/icedid-macro-ends-in-nokoyawa-ransomware/
+* https://threatfox.abuse.ch
+* https://tria.ge/220106-tlm53abdc7
+* https://tria.ge/220112-fqpb2abca2
+* https://tria.ge/220222-31shrsfdg2
+* https://tria.ge/220224-svsw8seebr
+* https://twitter.com/1ZRR4H/status/1441951333347729409
+* https://twitter.com/Kostastsale/status/1615733462388047872
+* https://twitter.com/malware_traffic/status/1577779933895659520
+* https://twitter.com/teamcymru_S2/status/1576997553169522689
+* https://twitter.com/TheDFIRReport/status/1376496307888611333
+* https://www.cyber45.com
 * https://www.cybereason.com/blog/cybereason-vs.-quantum-locker-ransomware
+* https://www.fortinet.com/blog/threat-research/icedid-malware-analysis-part-two.html
+* https://www.malware-traffic-analysis.net/2019/05/01/index.html

 ## Literature

--- a/actors/KEYMARBLE/README.md
+++ b/actors/KEYMARBLE/README.md
@ -0,0 +1,54 @@
+# KEYMARBLE - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [KEYMARBLE](https://vuldb.com/?actor.keymarble). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.keymarble](https://vuldb.com/?actor.keymarble)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with KEYMARBLE:
+
+* [US](https://vuldb.com/?country.us)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of KEYMARBLE.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [100.43.153.60](https://vuldb.com/?ip.100.43.153.60) | 100.43.153.60.static.krypt.com | - | High
+2 | [104.194.160.59](https://vuldb.com/?ip.104.194.160.59) | a.59.160.194.104.servpac.com | - | High
+3 | [212.143.21.43](https://vuldb.com/?ip.212.143.21.43) | - | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _KEYMARBLE_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1059.007 | CWE-79 | Cross Site Scripting | High
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by KEYMARBLE. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | Input Value | `\0` | Low
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.cyber45.com
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/Lazarus/README.md
+++ b/actors/Lazarus/README.md
@ -279,7 +279,7 @@ ID | Technique | Weakness | Description | Confidence
 4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
 5 | ... | ... | ... | ...

-There are 17 more TTP items available. Please use our online service to access the data.
+There are 16 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -298,20 +298,23 @@ ID | Type | Indicator | Confidence
 9 | File | `/admin/update_s6.php` | High
 10 | File | `/ajax.php?action=read_msg` | High
 11 | File | `/ajax.php?action=save_company` | High
-12 | File | `/api/stl/actions/search` | High
-13 | File | `/bin/login` | Medium
+12 | File | `/bin/login` | Medium
+13 | File | `/cgi-bin/jumpto.php?class=user&page=config_save&isphp=1` | High
 14 | File | `/changeimage.php` | High
 15 | File | `/classes/Users.php?f=save` | High
 16 | File | `/DXR.axd` | Medium
-17 | File | `/ghost/preview` | High
-18 | File | `/Login/CheckLogin` | High
-19 | File | `/note/index/delete` | High
-20 | File | `/owa/auth/logon.aspx` | High
-21 | File | `/SystemManage/Organize/GetTreeGridJson?_search=false&nd=1681813520783&rows=10000&page=1&sidx=&sord=asc` | High
-22 | File | `/SystemManage/Role/GetGridJson?keyword=&page=1&rows=20` | High
-23 | ... | ... | ...
+17 | File | `/forum/away.php` | High
+18 | File | `/ghost/preview` | High
+19 | File | `/Login/CheckLogin` | High
+20 | File | `/note/index/delete` | High
+21 | File | `/out.php` | Medium
+22 | File | `/owa/auth/logon.aspx` | High
+23 | File | `/send_order.cgi?parameter=restart` | High
+24 | File | `/SystemManage/Organize/GetTreeGridJson?_search=false&nd=1681813520783&rows=10000&page=1&sidx=&sord=asc` | High
+25 | File | `/SystemManage/Role/GetGridJson?keyword=&page=1&rows=20` | High
+26 | ... | ... | ...

-There are 196 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 215 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/LockBit/README.md
+++ b/actors/LockBit/README.md
@ -100,7 +100,7 @@ ID | Type | Indicator | Confidence
 39 | File | `announcements.php` | High
 40 | ... | ... | ...

-There are 340 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 342 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/LockFile/README.md
+++ b/actors/LockFile/README.md
@ -75,23 +75,22 @@ ID | Type | Indicator | Confidence
 29 | File | `/ocwbs/admin/?page=user/manage_user` | High
 30 | File | `/ofrs/admin/?page=user/manage_user` | High
 31 | File | `/out.php` | Medium
-32 | File | `/owa/auth/logon.aspx` | High
-33 | File | `/password.html` | High
-34 | File | `/php_action/fetchSelectedUser.php` | High
-35 | File | `/proc/ioports` | High
-36 | File | `/property-list/property_view.php` | High
-37 | File | `/ptms/classes/Users.php` | High
-38 | File | `/resources//../` | High
-39 | File | `/rest/api/2/search` | High
-40 | File | `/s/` | Low
-41 | File | `/scripts/cpan_config` | High
-42 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
-43 | File | `/spip.php` | Medium
-44 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
-45 | File | `/sys/dict/queryTableData` | High
-46 | ... | ... | ...
+32 | File | `/password.html` | High
+33 | File | `/php_action/fetchSelectedUser.php` | High
+34 | File | `/proc/ioports` | High
+35 | File | `/property-list/property_view.php` | High
+36 | File | `/ptms/classes/Users.php` | High
+37 | File | `/resources//../` | High
+38 | File | `/rest/api/2/search` | High
+39 | File | `/s/` | Low
+40 | File | `/scripts/cpan_config` | High
+41 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
+42 | File | `/spip.php` | Medium
+43 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
+44 | File | `/sys/dict/queryTableData` | High
+45 | ... | ... | ...

-There are 402 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 386 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/Moth/README.md
+++ b/Moth/README.md
@ -89,7 +89,7 @@ ID | Type | Indicator | Confidence
 23 | File | `cng.sys` | Low
 24 | ... | ... | ...

-There are 201 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 203 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/MadoMiner/README.md
+++ b/actors/MadoMiner/README.md
@ -0,0 +1,110 @@
+# MadoMiner - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [MadoMiner](https://vuldb.com/?actor.madominer). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.madominer](https://vuldb.com/?actor.madominer)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with MadoMiner:
+
+* [VN](https://vuldb.com/?country.vn)
+* [US](https://vuldb.com/?country.us)
+* [CN](https://vuldb.com/?country.cn)
+* ...
+
+There are 9 more country items available. Please use our online service to access the data.
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of MadoMiner.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [61.130.31.174](https://vuldb.com/?ip.61.130.31.174) | - | - | High
+2 | [127.0.0.1](https://vuldb.com/?ip.127.0.0.1) | localhost | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _MadoMiner_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-25, CWE-29 | Pathname Traversal | High
+2 | T1055 | CWE-74 | Injection | High
+3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
+4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+5 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
+6 | ... | ... | ... | ...
+
+There are 19 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by MadoMiner. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `/+CSCOE+/logon.html` | High
+2 | File | `/admin/upload/upload` | High
+3 | File | `/api/gen/clients/{language}` | High
+4 | File | `/cgi-bin/wlogin.cgi` | High
+5 | File | `/config/getuser` | High
+6 | File | `/config/myfield/test.php` | High
+7 | File | `/debug/pprof` | Medium
+8 | File | `/ecshop/admin/template.php` | High
+9 | File | `/example/editor` | High
+10 | File | `/file/upload/1` | High
+11 | File | `/forum/away.php` | High
+12 | File | `/forum/PostPrivateMessage` | High
+13 | File | `/HNAP1` | Low
+14 | File | `/home/www/cgi-bin/login.cgi` | High
+15 | File | `/iu-application/controllers/administration/auth.php` | High
+16 | File | `/Kofax/KFS/ThinClient/document/upload/` | High
+17 | File | `/multi-vendor-shopping-script/product-list.php` | High
+18 | File | `/net-banking/customer_transactions.php` | High
+19 | File | `/obs/book.php` | High
+20 | File | `/ossn/administrator/com_installer` | High
+21 | File | `/owa/auth/logon.aspx` | High
+22 | File | `/pms/update_user.php?user_id=1` | High
+23 | File | `/requests.php` | High
+24 | File | `/spip.php` | Medium
+25 | File | `/sre/params.php` | High
+26 | File | `/tmp` | Low
+27 | File | `/uncpath/` | Medium
+28 | File | `/user/upload/upload` | High
+29 | File | `/Users` | Low
+30 | File | `/var/spool/hylafax` | High
+31 | File | `/vendor` | Low
+32 | File | `accountrecoveryendpoint/recoverpassword.do` | High
+33 | File | `action/addproject.php` | High
+34 | File | `adclick.php` | Medium
+35 | File | `add_contestant.php` | High
+36 | File | `admin.php` | Medium
+37 | File | `admin/index.php` | High
+38 | File | `admin/make_payments.php` | High
+39 | File | `Advanced_ASUSDDNS_Content.asp` | High
+40 | File | `af_netlink.c` | Medium
+41 | File | `album_portal.php` | High
+42 | File | `api/auth.go` | Medium
+43 | File | `api_jsonrpc.php` | High
+44 | ... | ... | ...
+
+There are 385 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.cyber45.com
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/Maikspy/README.md
+++ b/actors/Maikspy/README.md
@ -0,0 +1,67 @@
+# Maikspy - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Maikspy](https://vuldb.com/?actor.maikspy). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.maikspy](https://vuldb.com/?actor.maikspy)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Maikspy:
+
+* [US](https://vuldb.com/?country.us)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Maikspy.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [107.180.46.243](https://vuldb.com/?ip.107.180.46.243) | 243.46.180.107.host.secureserver.net | - | High
+2 | [160.153.60.192](https://vuldb.com/?ip.160.153.60.192) | 192.60.153.160.host.secureserver.net | - | High
+3 | [192.169.217.55](https://vuldb.com/?ip.192.169.217.55) | 55.217.169.192.host.secureserver.net | - | High
+4 | ... | ... | ... | ...
+
+There are 2 more IOC items available. Please use our online service to access the data.
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Maikspy_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1006 | CWE-22 | Pathname Traversal | High
+2 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1068 | CWE-264 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
+4 | ... | ... | ... | ...
+
+There are 2 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Maikspy. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `/see_more_details.php` | High
+2 | File | `data/gbconfiguration.dat` | High
+3 | File | `inc/config.php` | High
+4 | ... | ... | ...
+
+There are 13 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.cyber45.com
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/Stealer/README.md
+++ b/Stealer/README.md
@ -92,9 +92,10 @@ ID | Type | Indicator | Confidence
 31 | File | `/uncpath/` | Medium
 32 | File | `/usr/www/ja/mnt_cmd.cgi` | High
 33 | File | `/videotalk` | Medium
-34 | ... | ... | ...
+34 | File | `/view-property.php` | High
+35 | ... | ... | ...

-There are 295 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 303 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/Medusa/README.md
+++ b/actors/Medusa/README.md
@ -0,0 +1,30 @@
+# Medusa - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Medusa](https://vuldb.com/?actor.medusa). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.medusa](https://vuldb.com/?actor.medusa)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Medusa.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [77.105.147.140](https://vuldb.com/?ip.77.105.147.140) | chief-slope.aeza.network | - | High
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://twitter.com/Jane_0sint/status/1670048531665518592
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/Megacortex/README.md
+++ b/actors/Megacortex/README.md
@ -0,0 +1,32 @@
+# Megacortex - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Megacortex](https://vuldb.com/?actor.megacortex). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.megacortex](https://vuldb.com/?actor.megacortex)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Megacortex.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [3.29.17.1](https://vuldb.com/?ip.3.29.17.1) | ec2-3-29-17-1.me-central-1.compute.amazonaws.com | - | Medium
+2 | [89.105.198.28](https://vuldb.com/?ip.89.105.198.28) | - | - | High
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://news.sophos.com/en-us/2019/05/03/megacortex-ransomware-wants-to-be-the-one/
+* https://www.bleepingcomputer.com/news/security/new-megacortex-ransomware-changes-windows-passwords-threatens-to-publish-data/
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/Micropsia/README.md
+++ b/actors/Micropsia/README.md
@ -0,0 +1,70 @@
+# Micropsia - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Micropsia](https://vuldb.com/?actor.micropsia). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.micropsia](https://vuldb.com/?actor.micropsia)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Micropsia:
+
+* [GB](https://vuldb.com/?country.gb)
+* [US](https://vuldb.com/?country.us)
+* [CN](https://vuldb.com/?country.cn)
+* ...
+
+There are 1 more country items available. Please use our online service to access the data.
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Micropsia.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [192.169.6.59](https://vuldb.com/?ip.192.169.6.59) | nordns.crowncloud.net | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Micropsia_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1006 | CWE-22 | Pathname Traversal | High
+2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
+3 | T1055 | CWE-74 | Injection | High
+4 | ... | ... | ... | ...
+
+There are 13 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Micropsia. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `/login/index.php` | High
+2 | File | `/wp-content/plugins/updraftplus/admin.php` | High
+3 | File | `arch/powerpc/kernel/entry_64.S` | High
+4 | File | `auth2-gss.c` | Medium
+5 | File | `block/bfq-iosched.c` | High
+6 | File | `cgi-bin/webcm` | High
+7 | ... | ... | ...
+
+There are 52 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.cyber45.com
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/Mirai/README.md
+++ b/actors/Mirai/README.md
--- a/Buerak/README.md
+++ b/Buerak/README.md
@ -0,0 +1,44 @@
+# Mokes and Buerak - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Mokes and Buerak](https://vuldb.com/?actor.mokes_and_buerak). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.mokes_and_buerak](https://vuldb.com/?actor.mokes_and_buerak)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Mokes and Buerak:
+
+* [CN](https://vuldb.com/?country.cn)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Mokes and Buerak.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [47.245.30.255](https://vuldb.com/?ip.47.245.30.255) | - | - | High
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Mokes and Buerak. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `pcre2_jit_compile.c` | High
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://securelist.com/mokes-and-buerak-distributed-under-the-guise-of-security-certificates/96324/
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/MuddyWater/README.md
+++ b/actors/MuddyWater/README.md
@ -58,8 +58,8 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-28, CWE-36, CWE-425 | Pathname Traversal | High
-2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
+1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-28, CWE-29, CWE-36, CWE-425 | Pathname Traversal | High
+2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
@ -105,37 +105,34 @@ ID | Type | Indicator | Confidence
 30 | File | `/admin/positions_add.php` | High
 31 | File | `/admin/positions_delete.php` | High
 32 | File | `/admin/positions_row.php` | High
-33 | File | `/admin/product/manage.php` | High
-34 | File | `/admin/products/manage_product.php` | High
-35 | File | `/admin/reportupload.aspx` | High
-36 | File | `/admin/sales/index.php` | High
-37 | File | `/admin/sales/view_details.php` | High
-38 | File | `/admin/save_teacher.php` | High
-39 | File | `/admin/service.php` | High
-40 | File | `/admin/services/manage_service.php` | High
-41 | File | `/admin/update_s6.php` | High
-42 | File | `/admin/user/manage_user.php` | High
-43 | File | `/admin/voters_row.php` | High
-44 | File | `/advanced-tools/nova/bin/netwatch` | High
-45 | File | `/ajax.php?action=read_msg` | High
-46 | File | `/ajax.php?action=save_company` | High
-47 | File | `/analysisProject/pagingQueryData` | High
-48 | File | `/api/stl/actions/search` | High
-49 | File | `/bilal final/edit_stud.php` | High
-50 | File | `/bilal final/login.php` | High
-51 | File | `/bin/ate` | Medium
-52 | File | `/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini` | High
-53 | File | `/cas/logout` | Medium
-54 | File | `/category/list?limit=10&offset=0&order=desc` | High
-55 | File | `/cgi-bin/ping.cgi` | High
-56 | File | `/circuits/circuit-types/` | High
-57 | File | `/circuits/provider-accounts/` | High
-58 | File | `/classes/Login.php` | High
-59 | File | `/classes/Master.php` | High
-60 | File | `/classes/Master.php?f=delete_inquiry` | High
-61 | ... | ... | ...
+33 | File | `/admin/products/manage_product.php` | High
+34 | File | `/admin/reportupload.aspx` | High
+35 | File | `/admin/sales/view_details.php` | High
+36 | File | `/admin/save_teacher.php` | High
+37 | File | `/admin/service.php` | High
+38 | File | `/admin/services/manage_service.php` | High
+39 | File | `/admin/update_s6.php` | High
+40 | File | `/admin/user/manage_user.php` | High
+41 | File | `/admin/voters_row.php` | High
+42 | File | `/advanced-tools/nova/bin/netwatch` | High
+43 | File | `/ajax.php?action=read_msg` | High
+44 | File | `/ajax.php?action=save_company` | High
+45 | File | `/analysisProject/pagingQueryData` | High
+46 | File | `/api/stl/actions/search` | High
+47 | File | `/bin/ate` | Medium
+48 | File | `/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini` | High
+49 | File | `/cas/logout` | Medium
+50 | File | `/category/list?limit=10&offset=0&order=desc` | High
+51 | File | `/cgi-bin/ping.cgi` | High
+52 | File | `/circuits/circuit-types/` | High
+53 | File | `/circuits/provider-accounts/` | High
+54 | File | `/classes/Login.php` | High
+55 | File | `/classes/Master.php` | High
+56 | File | `/classes/Master.php?f=delete_inquiry` | High
+57 | File | `/classes/Master.php?f=delete_item` | High
+58 | ... | ... | ...

-There are 535 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 510 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/Stealer/README.md
+++ b/Stealer/README.md
@ -0,0 +1,67 @@
+# Mystic Stealer - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Mystic Stealer](https://vuldb.com/?actor.mystic_stealer). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.mystic_stealer](https://vuldb.com/?actor.mystic_stealer)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Mystic Stealer:
+
+* [DE](https://vuldb.com/?country.de)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Mystic Stealer.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [91.121.118.80](https://vuldb.com/?ip.91.121.118.80) | 1218.rbx.abcvg.ovh | - | High
+2 | [94.23.26.20](https://vuldb.com/?ip.94.23.26.20) | 706.rbx.abcvg.ovh | - | High
+3 | [94.130.164.47](https://vuldb.com/?ip.94.130.164.47) | static.47.164.130.94.clients.your-server.de | - | High
+4 | ... | ... | ... | ...
+
+There are 4 more IOC items available. Please use our online service to access the data.
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Mystic Stealer_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1055 | CWE-74 | Injection | High
+2 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1059.007 | CWE-80 | Cross Site Scripting | High
+4 | ... | ... | ... | ...
+
+There are 4 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Mystic Stealer. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `/mgmt/tm/util/bash` | High
+2 | File | `adclick.php` | Medium
+3 | File | `data/gbconfiguration.dat` | High
+4 | ... | ... | ...
+
+There are 14 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.zscaler.com/blogs/security-research/mystic-stealer
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/N-W0rm/README.md
+++ b/actors/N-W0rm/README.md
@ -32,7 +32,7 @@ ID | IP address | Hostname | Campaign | Confidence
 9 | [37.120.141.190](https://vuldb.com/?ip.37.120.141.190) | - | - | High
 10 | ... | ... | ... | ...

-There are 35 more IOC items available. Please use our online service to access the data.
+There are 36 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -47,7 +47,7 @@ ID | Technique | Weakness | Description | Confidence
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...

-There are 18 more TTP items available. Please use our online service to access the data.
+There are 19 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -70,35 +70,36 @@ ID | Type | Indicator | Confidence
 13 | File | `/api/v2/cli/commands` | High
 14 | File | `/app/options.py` | High
 15 | File | `/attachments` | Medium
-16 | File | `/boat/login.php` | High
-17 | File | `/bsms_ci/index.php/book` | High
-18 | File | `/cgi-bin` | Medium
-19 | File | `/cgi-bin/luci/api/wireless` | High
-20 | File | `/cgi-bin/wlogin.cgi` | High
-21 | File | `/context/%2e/WEB-INF/web.xml` | High
-22 | File | `/dashboard/reports/logs/view` | High
-23 | File | `/debian/patches/load_ppp_generic_if_needed` | High
-24 | File | `/debug/pprof` | Medium
-25 | File | `/env` | Low
-26 | File | `/etc/hosts` | Medium
-27 | File | `/forum/away.php` | High
-28 | File | `/goform/setmac` | High
-29 | File | `/goform/wizard_end` | High
-30 | File | `/horde/util/go.php` | High
-31 | File | `/index.php` | Medium
-32 | File | `/manage-apartment.php` | High
-33 | File | `/medicines/profile.php` | High
-34 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
-35 | File | `/pages/apply_vacancy.php` | High
-36 | File | `/proc/<PID>/mem` | High
-37 | File | `/proxy` | Low
-38 | File | `/reservation/add_message.php` | High
-39 | File | `/spip.php` | Medium
-40 | File | `/tmp` | Low
-41 | File | `/uncpath/` | Medium
-42 | ... | ... | ...
+16 | File | `/bin/ate` | Medium
+17 | File | `/boat/login.php` | High
+18 | File | `/bsms_ci/index.php/book` | High
+19 | File | `/cgi-bin` | Medium
+20 | File | `/cgi-bin/luci/api/wireless` | High
+21 | File | `/cgi-bin/wlogin.cgi` | High
+22 | File | `/context/%2e/WEB-INF/web.xml` | High
+23 | File | `/dashboard/reports/logs/view` | High
+24 | File | `/debian/patches/load_ppp_generic_if_needed` | High
+25 | File | `/debug/pprof` | Medium
+26 | File | `/env` | Low
+27 | File | `/etc/hosts` | Medium
+28 | File | `/forum/away.php` | High
+29 | File | `/goform/setmac` | High
+30 | File | `/goform/wizard_end` | High
+31 | File | `/horde/util/go.php` | High
+32 | File | `/index.php` | Medium
+33 | File | `/manage-apartment.php` | High
+34 | File | `/medicines/profile.php` | High
+35 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
+36 | File | `/pages/apply_vacancy.php` | High
+37 | File | `/php-sms/admin/?page=user/manage_user` | High
+38 | File | `/proc/<PID>/mem` | High
+39 | File | `/proxy` | Low
+40 | File | `/reservation/add_message.php` | High
+41 | File | `/spip.php` | Medium
+42 | File | `/tmp` | Low
+43 | ... | ... | ...

-There are 362 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 372 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/NOTROBIN/README.md
+++ b/actors/NOTROBIN/README.md
@ -0,0 +1,66 @@
+# NOTROBIN - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [NOTROBIN](https://vuldb.com/?actor.notrobin). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.notrobin](https://vuldb.com/?actor.notrobin)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with NOTROBIN:
+
+* [CN](https://vuldb.com/?country.cn)
+* [US](https://vuldb.com/?country.us)
+* [SK](https://vuldb.com/?country.sk)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of NOTROBIN.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [80.240.31.218](https://vuldb.com/?ip.80.240.31.218) | 80.240.31.218.vultrusercontent.com | - | High
+2 | [95.179.163.186](https://vuldb.com/?ip.95.179.163.186) | 95.179.163.186.vultrusercontent.com | - | High
+3 | [127.0.0.2](https://vuldb.com/?ip.127.0.0.2) | mc20a2201.dnh.net | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _NOTROBIN_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1055 | CWE-74 | Injection | High
+2 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1059.007 | CWE-79 | Cross Site Scripting | High
+4 | ... | ... | ... | ...
+
+There are 6 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by NOTROBIN. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `/+CSCOE+/logon.html` | High
+2 | File | `/front/search.php` | High
+3 | File | `/rom-0` | Low
+4 | ... | ... | ...
+
+There are 13 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.fireeye.com/blog/threat-research/2020/01/vigilante-deploying-mitigation-for-citrix-netscaler-vulnerability-while-maintaining-backdoor.html
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/Group/README.md
+++ b/Group/README.md
@ -54,8 +54,7 @@ ID | Technique | Weakness | Description | Confidence
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
-6 | T1068 | CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
-7 | ... | ... | ... | ...
+6 | ... | ... | ... | ...

 There are 22 more TTP items available. Please use our online service to access the data.

@ -70,10 +69,10 @@ ID | Type | Indicator | Confidence
 3 | File | `/admin/config_save.php` | High
 4 | File | `/admin/edit_visitor.php` | High
 5 | File | `/admin/info.php` | High
-6 | File | `/admin/template.php` | High
-7 | File | `/alphaware/summary.php` | High
-8 | File | `/apply.cgi` | Medium
-9 | File | `/cfg` | Low
+6 | File | `/admin/plugin.php` | High
+7 | File | `/admin/template.php` | High
+8 | File | `/alphaware/summary.php` | High
+9 | File | `/apply.cgi` | Medium
 10 | File | `/cgi?` | Low
 11 | File | `/classes/Users.php` | High
 12 | File | `/dashboard/updatelogo.php` | High
@ -85,18 +84,18 @@ ID | Type | Indicator | Confidence
 18 | File | `/goform/SysToolRestoreSet` | High
 19 | File | `/graphql` | Medium
 20 | File | `/index.php` | Medium
-21 | File | `/jeecg-boot/jmreport/view` | High
-22 | File | `/jsoa/hntdCustomDesktopActionContent` | High
-23 | File | `/localhost/u` | Medium
-24 | File | `/mkshop/Men/profile.php` | High
-25 | File | `/net` | Low
-26 | File | `/Noxen-master/users.php` | High
-27 | File | `/opt/bin/cli` | Medium
-28 | File | `/out.php` | Medium
-29 | File | `/PluXml/core/admin/parametres_edittpl.php` | High
-30 | File | `/public/plugins/` | High
-31 | File | `/public_html/admin/plugins/bad_behavior2/blacklist.php` | High
-32 | File | `/rom-0` | Low
+21 | File | `/jeecg-boot/jmreport/upload` | High
+22 | File | `/jeecg-boot/jmreport/view` | High
+23 | File | `/jsoa/hntdCustomDesktopActionContent` | High
+24 | File | `/localhost/u` | Medium
+25 | File | `/mkshop/Men/profile.php` | High
+26 | File | `/net` | Low
+27 | File | `/Noxen-master/users.php` | High
+28 | File | `/opt/bin/cli` | Medium
+29 | File | `/out.php` | Medium
+30 | File | `/PluXml/core/admin/parametres_edittpl.php` | High
+31 | File | `/public/plugins/` | High
+32 | File | `/public_html/admin/plugins/bad_behavior2/blacklist.php` | High
 33 | File | `/root/run/adm.php?admin-ediy&part=exdiy` | High
 34 | File | `/setNTP.cgi` | Medium
 35 | File | `/setting/setWanIeCfg` | High
@ -108,10 +107,9 @@ ID | Type | Indicator | Confidence
 41 | File | `/wp-json/wc/v3/webhooks` | High
 42 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
 43 | File | `account.php` | Medium
-44 | File | `accounts/view_details.php` | High
-45 | ... | ... | ...
+44 | ... | ... | ...

-There are 390 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 385 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/Naikon/README.md
+++ b/actors/Naikon/README.md
@ -14,7 +14,6 @@ The following _campaigns_ are known and can be associated with Naikon:

 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Naikon:

-* [FR](https://vuldb.com/?country.fr)
 * [US](https://vuldb.com/?country.us)
 * [CN](https://vuldb.com/?country.cn)

@ -38,15 +37,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-35, CWE-36, CWE-425 | Pathname Traversal | High
+1 | T1006 | CWE-22, CWE-24, CWE-36 | Pathname Traversal | High
 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-94 | Cross Site Scripting | High
-5 | T1059.007 | CWE-79 | Cross Site Scripting | High
-6 | T1068 | CWE-264, CWE-269, CWE-270, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
-7 | ... | ... | ... | ...
+4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
+5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
+6 | ... | ... | ... | ...

-There are 24 more TTP items available. Please use our online service to access the data.
+There are 22 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -59,82 +57,90 @@ ID | Type | Indicator | Confidence
 3 | File | `/admin` | Low
 4 | File | `/admin.php/appcenter/local.html?type=addon` | High
 5 | File | `/admin.php?c=upload&f=zip&_noCache=0.1683794968` | High
-6 | File | `/admin/?page=product/manage_product&id=2` | High
-7 | File | `/admin/?page=reminders/view_reminder` | High
+6 | File | `/admin/?page=maintenance/brand` | High
+7 | File | `/admin/?page=product/manage_product&id=2` | High
 8 | File | `/admin/?page=system_info` | High
-9 | File | `/admin/admin.php` | High
-10 | File | `/admin/ajax.php` | High
-11 | File | `/admin/assign/assign.php` | High
-12 | File | `/admin/attendance_row.php` | High
-13 | File | `/admin/ballot_up.php` | High
-14 | File | `/admin/bookings/manage_booking.php` | High
-15 | File | `/admin/bookings/view_details.php` | High
-16 | File | `/admin/budget/manage_budget.php` | High
-17 | File | `/admin/casedetails.php` | High
-18 | File | `/admin/cashadvance_row.php` | High
-19 | File | `/admin/categories/manage_category.php` | High
-20 | File | `/admin/categories/view_category.php` | High
-21 | File | `/admin/config_save.php` | High
-22 | File | `/admin/deduction_edit.php` | High
-23 | File | `/admin/departments/view_department.php` | High
-24 | File | `/admin/doctors.php` | High
-25 | File | `/admin/edit-doc.php` | High
-26 | File | `/admin/employee_add.php` | High
-27 | File | `/admin/employee_row.php` | High
-28 | File | `/admin/fields/manage_field.php` | High
-29 | File | `/admin/forgot-password.php` | High
-30 | File | `/admin/getallarticleinfo` | High
-31 | File | `/admin/index3.php` | High
-32 | File | `/admin/info_deal.php` | High
-33 | File | `/admin/inquiries/view_inquiry.php` | High
-34 | File | `/admin/login.php` | High
-35 | File | `/admin/maintenance/brand.php` | High
-36 | File | `/admin/maintenance/view_designation.php` | High
-37 | File | `/admin/manage_academic.php` | High
-38 | File | `/admin/offenses/view_details.php` | High
-39 | File | `/admin/orders/update_status.php` | High
-40 | File | `/admin/pictures` | High
-41 | File | `/admin/positions_add.php` | High
-42 | File | `/admin/positions_row.php` | High
-43 | File | `/admin/products/manage_product.php` | High
-44 | File | `/admin/products/view_product.php` | High
-45 | File | `/admin/reminders/manage_reminder.php` | High
-46 | File | `/admin/report/index.php` | High
-47 | File | `/admin/robot/approval/list` | High
-48 | File | `/admin/sales/index.php` | High
-49 | File | `/admin/sales/manage_sale.php` | High
-50 | File | `/admin/save_teacher.php` | High
-51 | File | `/admin/service.php` | High
-52 | File | `/admin/services/manage_service.php` | High
-53 | File | `/admin/students/view_details.php` | High
-54 | File | `/admin/transactions/track_shipment.php` | High
-55 | File | `/admin/upload` | High
-56 | File | `/admin/user/manage_user.php` | High
-57 | File | `/admin/userprofile.php` | High
-58 | File | `/admin_system/api.php` | High
-59 | File | `/analysisProject/pagingQueryData` | High
-60 | File | `/api/admin/system/store/order/list` | High
-61 | File | `/api/stl/actions/search` | High
-62 | File | `/api/upload` | Medium
-63 | File | `/bin/ate` | Medium
-64 | File | `/bin/httpd` | Medium
-65 | File | `/boafrm/formFilter` | High
-66 | File | `/category/list?limit=10&offset=0&order=desc` | High
-67 | File | `/classes/Login.php` | High
-68 | File | `/classes/Master.php` | High
-69 | File | `/classes/Master.php?f=delete_category` | High
-70 | File | `/classes/Master.php?f=delete_img` | High
-71 | File | `/classes/Master.php?f=delete_inquiry` | High
-72 | File | `/classes/Master.php?f=delete_item` | High
-73 | File | `/classes/Master.php?f=delete_service` | High
-74 | File | `/classes/Master.php?f=delete_sub_category` | High
-75 | File | `/classes/Master.php?f=save_course` | High
-76 | File | `/classes/Master.php?f=save_service` | High
-77 | File | `/classes/Users.php` | High
-78 | File | `/classes/Users.phpp` | High
-79 | ... | ... | ...
+9 | File | `/admin/?page=user` | High
+10 | File | `/admin/?page=user/list` | High
+11 | File | `/admin/addproduct.php` | High
+12 | File | `/admin/admin.php` | High
+13 | File | `/admin/ajax.php` | High
+14 | File | `/admin/ajax.php?action=save_area` | High
+15 | File | `/admin/assign/assign.php` | High
+16 | File | `/admin/ballot_down.php` | High
+17 | File | `/admin/ballot_up.php` | High
+18 | File | `/admin/bookings/manage_booking.php` | High
+19 | File | `/admin/bookings/view_booking.php` | High
+20 | File | `/admin/bookings/view_details.php` | High
+21 | File | `/admin/candidates_row.php` | High
+22 | File | `/admin/casedetails.php` | High
+23 | File | `/admin/cashadvance_row.php` | High
+24 | File | `/admin/categories/manage_category.php` | High
+25 | File | `/admin/categories/view_category.php` | High
+26 | File | `/admin/configurations/userInfo` | High
+27 | File | `/admin/config_save.php` | High
+28 | File | `/admin/contacts/organizations/edit/2` | High
+29 | File | `/admin/curriculum/view_curriculum.php` | High
+30 | File | `/admin/deduction_edit.php` | High
+31 | File | `/admin/edit-doc.php` | High
+32 | File | `/admin/edit_subject.php` | High
+33 | File | `/admin/employee_edit.php` | High
+34 | File | `/admin/fields/manage_field.php` | High
+35 | File | `/admin/forgot-password.php` | High
+36 | File | `/admin/getallarticleinfo` | High
+37 | File | `/admin/info_deal.php` | High
+38 | File | `/admin/inquiries/view_inquiry.php` | High
+39 | File | `/admin/inventory/manage_stock.php` | High
+40 | File | `/admin/login.php` | High
+41 | File | `/admin/maintenance/brand.php` | High
+42 | File | `/admin/maintenance/manage_category.php` | High
+43 | File | `/admin/manage_academic.php` | High
+44 | File | `/admin/modal_add_product.php` | High
+45 | File | `/admin/offenses/view_details.php` | High
+46 | File | `/admin/positions_add.php` | High
+47 | File | `/admin/positions_row.php` | High
+48 | File | `/admin/products/manage_product.php` | High
+49 | File | `/admin/products/view_product.php` | High
+50 | File | `/admin/read.php?mudi=announContent` | High
+51 | File | `/admin/read.php?mudi=getSignal` | High
+52 | File | `/admin/reminders/manage_reminder.php` | High
+53 | File | `/admin/report/index.php` | High
+54 | File | `/admin/reportupload.aspx` | High
+55 | File | `/admin/robot/approval/list` | High
+56 | File | `/admin/sales/index.php` | High
+57 | File | `/admin/sales/manage_sale.php` | High
+58 | File | `/admin/sales/view_details.php` | High
+59 | File | `/admin/save_teacher.php` | High
+60 | File | `/admin/services/manage_service.php` | High
+61 | File | `/admin/services/view_service.php` | High
+62 | File | `/admin/students/view_details.php` | High
+63 | File | `/admin/suppliers/view_details.php` | High
+64 | File | `/admin/transactions/track_shipment.php` | High
+65 | File | `/admin/update_s6.php` | High
+66 | File | `/admin/upload` | High
+67 | File | `/admin/user/manage_user.php` | High
+68 | File | `/admin/userprofile.php` | High
+69 | File | `/admin_system/api.php` | High
+70 | File | `/ajax.php?action=read_msg` | High
+71 | File | `/ajax.php?action=save_company` | High
+72 | File | `/analysisProject/pagingQueryData` | High
+73 | File | `/api/admin/store/product/list` | High
+74 | File | `/api/admin/store/product/save` | High
+75 | File | `/api/admin/system/store/order/list` | High
+76 | File | `/api/login` | Medium
+77 | File | `/api/stl/actions/search` | High
+78 | File | `/api/upload` | Medium
+79 | File | `/api/wechat/app_auth` | High
+80 | File | `/app/admin/users/print-user.php` | High
+81 | File | `/author/list?limit=10&offset=0&order=desc` | High
+82 | File | `/boafrm/formFilter` | High
+83 | File | `/booking/show_bookings/` | High
+84 | File | `/bsenordering/index.php` | High
+85 | File | `/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini` | High
+86 | File | `/cache/` | Low
+87 | ... | ... | ...

-There are 691 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 767 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/NetSupportManager
+++ b/actors/NetSupportManager
@ -8,12 +8,12 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com

 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with NetSupportManager RAT:

-* [RU](https://vuldb.com/?country.ru)
 * [US](https://vuldb.com/?country.us)
 * [CN](https://vuldb.com/?country.cn)
+* [RU](https://vuldb.com/?country.ru)
 * ...

-There are 17 more country items available. Please use our online service to access the data.
+There are 4 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -25,25 +25,29 @@ ID | IP address | Hostname | Campaign | Confidence
 2 | [5.45.74.233](https://vuldb.com/?ip.5.45.74.233) | zmta37.corpresponse.com | - | High
 3 | [5.45.83.127](https://vuldb.com/?ip.5.45.83.127) | - | - | High
 4 | [5.252.176.69](https://vuldb.com/?ip.5.252.176.69) | 5-252-176-69.mivocloud.com | - | High
-5 | [5.252.179.13](https://vuldb.com/?ip.5.252.179.13) | 5-252-179-13.mivocloud.com | - | High
-6 | [5.252.179.89](https://vuldb.com/?ip.5.252.179.89) | no-rdns.mivocloud.com | - | High
-7 | [5.252.179.93](https://vuldb.com/?ip.5.252.179.93) | no-rdns.mivocloud.com | - | High
-8 | [23.227.193.80](https://vuldb.com/?ip.23.227.193.80) | 23-227-193-80.static.hvvc.us | - | High
-9 | [45.11.180.120](https://vuldb.com/?ip.45.11.180.120) | - | - | High
-10 | [45.15.157.144](https://vuldb.com/?ip.45.15.157.144) | - | - | High
-11 | [45.61.136.72](https://vuldb.com/?ip.45.61.136.72) | - | - | High
-12 | [45.61.138.73](https://vuldb.com/?ip.45.61.138.73) | - | - | High
-13 | [45.76.172.113](https://vuldb.com/?ip.45.76.172.113) | 45.76.172.113.vultrusercontent.com | - | High
-14 | [45.77.31.210](https://vuldb.com/?ip.45.77.31.210) | 45.77.31.210.vultrusercontent.com | - | High
-15 | [46.17.106.230](https://vuldb.com/?ip.46.17.106.230) | vds2364993.my-ihor.ru | - | High
-16 | [46.21.159.165](https://vuldb.com/?ip.46.21.159.165) | 165.159.21.46.swiftway.net | - | High
-17 | [46.161.40.59](https://vuldb.com/?ip.46.161.40.59) | - | - | High
-18 | [51.195.53.204](https://vuldb.com/?ip.51.195.53.204) | ip204.ip-51-195-53.eu | - | High
-19 | [62.173.140.156](https://vuldb.com/?ip.62.173.140.156) | spetstroymsk77.example.com | - | High
-20 | [62.173.154.94](https://vuldb.com/?ip.62.173.154.94) | yurisleptsov.example.com | - | High
-21 | ... | ... | ... | ...
+5 | [5.252.179.5](https://vuldb.com/?ip.5.252.179.5) | 5-252-179-5.mivocloud.com | - | High
+6 | [5.252.179.13](https://vuldb.com/?ip.5.252.179.13) | 5-252-179-13.mivocloud.com | - | High
+7 | [5.252.179.17](https://vuldb.com/?ip.5.252.179.17) | mail-good-treat.livewirearea.com | - | High
+8 | [5.252.179.50](https://vuldb.com/?ip.5.252.179.50) | no-rdns.mivocloud.com | - | High
+9 | [5.252.179.60](https://vuldb.com/?ip.5.252.179.60) | no-rdns.mivocloud.com | - | High
+10 | [5.252.179.89](https://vuldb.com/?ip.5.252.179.89) | no-rdns.mivocloud.com | - | High
+11 | [5.252.179.93](https://vuldb.com/?ip.5.252.179.93) | no-rdns.mivocloud.com | - | High
+12 | [5.252.179.97](https://vuldb.com/?ip.5.252.179.97) | 5-252-179-97.mivocloud.com | - | High
+13 | [5.252.179.111](https://vuldb.com/?ip.5.252.179.111) | 5-252-179-111.mivocloud.com | - | High
+14 | [23.163.0.13](https://vuldb.com/?ip.23.163.0.13) | ht087348.fronews.com | - | High
+15 | [23.227.193.80](https://vuldb.com/?ip.23.227.193.80) | 23-227-193-80.static.hvvc.us | - | High
+16 | [37.61.213.242](https://vuldb.com/?ip.37.61.213.242) | - | - | High
+17 | [45.11.180.120](https://vuldb.com/?ip.45.11.180.120) | - | - | High
+18 | [45.15.157.144](https://vuldb.com/?ip.45.15.157.144) | - | - | High
+19 | [45.61.136.72](https://vuldb.com/?ip.45.61.136.72) | - | - | High
+20 | [45.61.138.73](https://vuldb.com/?ip.45.61.138.73) | - | - | High
+21 | [45.76.172.113](https://vuldb.com/?ip.45.76.172.113) | 45.76.172.113.vultrusercontent.com | - | High
+22 | [45.77.31.210](https://vuldb.com/?ip.45.77.31.210) | 45.77.31.210.vultrusercontent.com | - | High
+23 | [45.133.203.205](https://vuldb.com/?ip.45.133.203.205) | - | - | High
+24 | [46.17.106.110](https://vuldb.com/?ip.46.17.106.110) | zaphim2.ru | - | High
+25 | ... | ... | ... | ...

-There are 80 more IOC items available. Please use our online service to access the data.
+There are 98 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -51,13 +55,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
-2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
+1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | High
+2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
-4 | T1059 | CWE-94 | Cross Site Scripting | High
-5 | ... | ... | ... | ...
+4 | ... | ... | ... | ...

-There are 17 more TTP items available. Please use our online service to access the data.
+There are 12 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -65,70 +68,25 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic

 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `%PROGRAMFILES(X86)%\Teradici\PCoIP.exe` | High
-2 | File | `/.vnc/sesman_${username}_passwd` | High
-3 | File | `/addnews.html` | High
-4 | File | `/admin/addemployee.php` | High
-5 | File | `/admin/index.php` | High
-6 | File | `/admin/maintenance/view_designation.php` | High
-7 | File | `/api/RecordingList/DownloadRecord?file=` | High
-8 | File | `/apply.cgi` | Medium
-9 | File | `/cwc/login` | Medium
-10 | File | `/etc/luminex/pkgmgr` | High
-11 | File | `/etc/quantum/quantum.conf` | High
-12 | File | `/forum/away.php` | High
-13 | File | `/getcfg.php` | Medium
-14 | File | `/iwguestbook/admin/badwords_edit.asp` | High
-15 | File | `/iwguestbook/admin/messages_edit.asp` | High
-16 | File | `/jeecg-boot/sys/common/upload` | High
-17 | File | `/members/index.php` | High
-18 | File | `/MIME/INBOX-MM-1/` | High
-19 | File | `/mkshope/login.php` | High
-20 | File | `/php_action/createUser.php` | High
-21 | File | `/proc/self/environ` | High
-22 | File | `/rom-0` | Low
-23 | File | `/services/details.asp` | High
-24 | File | `/spip.php` | Medium
-25 | File | `/thruk/#cgi-bin/extinfo.cgi?type=2` | High
-26 | File | `/uncpath/` | Medium
-27 | File | `/user/updatePwd` | High
-28 | File | `/usr/bin/at` | Medium
-29 | File | `/usr/local/WowzaStreamingEngine/bin/` | High
-30 | File | `/var/log/nginx` | High
-31 | File | `/way4acs/enroll` | High
-32 | File | `/wp-admin/admin-ajax.php` | High
-33 | File | `/wp-admin/admin.php?page=slickquiz-scores&id` | High
-34 | File | `/wp-content/uploads/photo-gallery/` | High
-35 | File | `7786/tcp` | Medium
-36 | File | `12122006-djtest.doc` | High
-37 | File | `abitwhizzy.php` | High
-38 | File | `acc.php` | Low
-39 | File | `AccessPoint.aspx` | High
-40 | File | `activate.php` | Medium
-41 | File | `activenews_search.asp` | High
-42 | File | `addpost1.asp` | Medium
-43 | File | `addshowsform.php` | High
-44 | File | `add_quiz.php` | Medium
-45 | File | `admin.loudmouth.php` | High
-46 | File | `admin.php` | Medium
-47 | File | `admin.pl` | Medium
-48 | File | `admin/conf_users_edit.php` | High
-49 | File | `admin/dashboard.php` | High
-50 | File | `admin/haber_ekle.asp` | High
-51 | File | `admin/index.php` | High
-52 | File | `admin/modules_data.php` | High
-53 | File | `admin/skins.php` | High
-54 | File | `admin/specials.php` | High
-55 | File | `admin_events.php` | High
-56 | File | `agent_subaffiliates.pl` | High
-57 | File | `ajax.php` | Medium
-58 | File | `ajax_invoice.php` | High
-59 | File | `app/topic/action/admin/topic.php` | High
-60 | File | `appserv/main.php` | High
-61 | File | `articulo.php` | Medium
-62 | ... | ... | ...
+1 | File | `/admin/index2.html` | High
+2 | File | `/api/RecordingList/DownloadRecord?file=` | High
+3 | File | `/apply.cgi` | Medium
+4 | File | `/forum/away.php` | High
+5 | File | `/include/makecvs.php` | High
+6 | File | `/out.php` | Medium
+7 | File | `/rapi/read_url` | High
+8 | File | `/requests.php` | High
+9 | File | `/wp-admin/admin-post.php?es_skip=1&option_name` | High
+10 | File | `/wp-admin/admin.php?page=wp_file_manager_properties` | High
+11 | File | `add.php` | Low
+12 | File | `admin/index.php` | High
+13 | File | `appserv/main.php` | High
+14 | File | `base/ErrorHandler.php` | High
+15 | File | `browser/thumbnails/render_widget_snapshot_taker.cc` | High
+16 | File | `cat.asp` | Low
+17 | ... | ... | ...

-There are 547 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 133 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

@ -136,15 +94,19 @@ The following list contains _external sources_ which discuss the actor and the a

 * https://bazaar.abuse.ch/sample/1a9b3968a2f3a4ae0c9c51e6fc41a48829ac4a0fa118a7530c36715638ef0209/
 * https://bazaar.abuse.ch/sample/26cad4ec29bc07d7b2c32c94dbbef397391babf1c78cc533950b325aaf11bba8/
+* https://bazaar.abuse.ch/sample/759e159da0592063bb0eb967dd45802caa0a1538867994868d5b883f099286a5/
+* https://bazaar.abuse.ch/sample/2174b4c58eb43aac8e5e0061ff0bc45125f4cb64404d552fe25ea6ac1777113d/
 * https://bazaar.abuse.ch/sample/c9e6dc44db59f1883e850babac21890e5723d2627a623c47f709e3bb7d073e35/
 * https://infosec.exchange/@malware_traffic/109762477310102114
 * https://threatfox.abuse.ch
+* https://twitter.com/AnFam17/status/1671789322259800064
 * https://twitter.com/BroadAnalysis/status/1544348111488929796
 * https://twitter.com/Iamdeadlyz/status/1626286411879190528
 * https://twitter.com/phage_nz/status/1562229369669828608
 * https://twitter.com/pollo290987/status/1562087034948386817
 * https://twitter.com/pollo290987/status/1654206717251530753
 * https://twitter.com/StopMalvertisin/status/1648223628067237890
+* https://urlhaus.abuse.ch/host/navitainer.net/

 ## Literature

--- a/actors/NetWire/README.md
+++ b/actors/NetWire/README.md
@ -73,7 +73,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-36, CWE-37 | Pathname Traversal | High
+1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-36, CWE-37 | Pathname Traversal | High
 2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
@ -106,47 +106,47 @@ ID | Type | Indicator | Confidence
 15 | File | `/appliance/users?action=edit` | High
 16 | File | `/apply.cgi` | Medium
 17 | File | `/backup.pl` | Medium
-18 | File | `/cgi-bin/webviewer_login_page` | High
-19 | File | `/cgi-bin/wlogin.cgi` | High
-20 | File | `/College/admin/teacher.php` | High
-21 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
-22 | File | `/dashboard/updatelogo.php` | High
-23 | File | `/dcim/rack-roles/` | High
-24 | File | `/E-mobile/App/System/File/downfile.php` | High
-25 | File | `/edoc/doctor/patient.php` | High
-26 | File | `/etc/ldap.conf` | High
-27 | File | `/etc/shadow` | Medium
-28 | File | `/forum/away.php` | High
-29 | File | `/goform/addUserName` | High
-30 | File | `/goform/aspForm` | High
-31 | File | `/goform/delAd` | High
-32 | File | `/goform/wifiSSIDset` | High
-33 | File | `/gpac/src/bifs/unquantize.c` | High
-34 | File | `/h/calendar` | Medium
-35 | File | `/h/compose` | Medium
-36 | File | `/h/search?action=voicemail&action=listen` | High
-37 | File | `/inc/topBarNav.php` | High
-38 | File | `/index.asp` | Medium
-39 | File | `/index.php` | Medium
-40 | File | `/index.php?app=main&func=passport&action=login` | High
-41 | File | `/jfinal_cms/system/role/list` | High
-42 | File | `/kelas/data` | Medium
-43 | File | `/kelasdosen/data` | High
-44 | File | `/loginVaLidation.php` | High
-45 | File | `/manage-apartment.php` | High
-46 | File | `/manager/index.php` | High
-47 | File | `/mkshop/Men/profile.php` | High
-48 | File | `/Moosikay/order.php` | High
-49 | File | `/Noxen-master/users.php` | High
-50 | File | `/opac/Actions.php?a=login` | High
-51 | File | `/osm/REGISTER.cmd` | High
-52 | File | `/pages/animals.php` | High
-53 | File | `/php-scrm/login.php` | High
-54 | File | `/php-sms/admin/quotes/manage_remark.php` | High
-55 | File | `/php-sms/classes/Master.php` | High
+18 | File | `/cgi-bin/wlogin.cgi` | High
+19 | File | `/College/admin/teacher.php` | High
+20 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
+21 | File | `/dashboard/updatelogo.php` | High
+22 | File | `/dcim/rack-roles/` | High
+23 | File | `/E-mobile/App/System/File/downfile.php` | High
+24 | File | `/edoc/doctor/patient.php` | High
+25 | File | `/etc/ldap.conf` | High
+26 | File | `/etc/shadow` | Medium
+27 | File | `/forum/away.php` | High
+28 | File | `/goform/addUserName` | High
+29 | File | `/goform/aspForm` | High
+30 | File | `/goform/delAd` | High
+31 | File | `/goform/wifiSSIDset` | High
+32 | File | `/gpac/src/bifs/unquantize.c` | High
+33 | File | `/h/calendar` | Medium
+34 | File | `/h/compose` | Medium
+35 | File | `/h/search?action=voicemail&action=listen` | High
+36 | File | `/inc/topBarNav.php` | High
+37 | File | `/index.asp` | Medium
+38 | File | `/index.php` | Medium
+39 | File | `/index.php?app=main&func=passport&action=login` | High
+40 | File | `/jfinal_cms/system/role/list` | High
+41 | File | `/kelas/data` | Medium
+42 | File | `/kelasdosen/data` | High
+43 | File | `/loginVaLidation.php` | High
+44 | File | `/manage-apartment.php` | High
+45 | File | `/manager/index.php` | High
+46 | File | `/mkshop/Men/profile.php` | High
+47 | File | `/Moosikay/order.php` | High
+48 | File | `/Noxen-master/users.php` | High
+49 | File | `/opac/Actions.php?a=login` | High
+50 | File | `/osm/REGISTER.cmd` | High
+51 | File | `/pages/animals.php` | High
+52 | File | `/php-scrm/login.php` | High
+53 | File | `/php-sms/admin/quotes/manage_remark.php` | High
+54 | File | `/php-sms/classes/Master.php` | High
+55 | File | `/php-sms/classes/SystemSettings.php` | High
 56 | ... | ... | ...

-There are 487 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 485 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/Nodster/README.md
+++ b/actors/Nodster/README.md
@ -0,0 +1,60 @@
+# Nodster - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Nodster](https://vuldb.com/?actor.nodster). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.nodster](https://vuldb.com/?actor.nodster)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Nodster:
+
+* [US](https://vuldb.com/?country.us)
+* [DE](https://vuldb.com/?country.de)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Nodster.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [176.9.117.194](https://vuldb.com/?ip.176.9.117.194) | static.194.117.9.176.clients.your-server.de | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Nodster_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1059 | CWE-94 | Cross Site Scripting | High
+2 | T1059.007 | CWE-79 | Cross Site Scripting | High
+3 | T1592 | CWE-200 | Configuration | High
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Nodster. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `inc/filebrowser/browser.php` | High
+2 | File | `redirect.do` | Medium
+3 | Argument | `file` | Low
+4 | ... | ... | ...
+
+There are 1 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/trojan.js.nodster.a
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/Petya/README.md
+++ b/Petya/README.md
@ -0,0 +1,75 @@
+# Not Petya - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Not Petya](https://vuldb.com/?actor.not_petya). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.not_petya](https://vuldb.com/?actor.not_petya)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Not Petya:
+
+* [US](https://vuldb.com/?country.us)
+* [RU](https://vuldb.com/?country.ru)
+* [PL](https://vuldb.com/?country.pl)
+* ...
+
+There are 4 more country items available. Please use our online service to access the data.
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Not Petya.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [159.148.186.214](https://vuldb.com/?ip.159.148.186.214) | whattimeisnow.net | - | High
+2 | [176.31.182.167](https://vuldb.com/?ip.176.31.182.167) | ns3292767.ip-176-31-182.eu | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Not Petya_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1006 | CWE-22 | Pathname Traversal | High
+2 | T1055 | CWE-74 | Injection | High
+3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
+4 | ... | ... | ... | ...
+
+There are 9 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Not Petya. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `.htaccess` | Medium
+2 | File | `/manager?action=getlogcat` | High
+3 | File | `/spip.php` | Medium
+4 | File | `/tmp` | Low
+5 | File | `admin/admin.php` | High
+6 | File | `admin/conf_users_edit.php` | High
+7 | File | `admin/developer/` | High
+8 | File | `admin/index.php` | High
+9 | File | `admin/ueditor/uploadFile` | High
+10 | File | `ajaxRequest/methodCall.do` | High
+11 | ... | ... | ...
+
+There are 79 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.cyber45.com
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/Nymaim/README.md
+++ b/actors/Nymaim/README.md
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Nymaim:

 * [US](https://vuldb.com/?country.us)
-* [RU](https://vuldb.com/?country.ru)
-* [RO](https://vuldb.com/?country.ro)
+* [CN](https://vuldb.com/?country.cn)
+* [NL](https://vuldb.com/?country.nl)
 * ...

-There are 8 more country items available. Please use our online service to access the data.
+There are 16 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -30,9 +30,13 @@ ID | IP address | Hostname | Campaign | Confidence
 7 | [46.47.98.128](https://vuldb.com/?ip.46.47.98.128) | 46-47-98-128.stz.ddns.bulsat.com | - | High
 8 | [46.238.18.157](https://vuldb.com/?ip.46.238.18.157) | ip-46-238-18-157.home.megalan.bg | - | High
 9 | [47.91.242.212](https://vuldb.com/?ip.47.91.242.212) | - | - | High
-10 | ... | ... | ... | ...
+10 | [50.22.169.26](https://vuldb.com/?ip.50.22.169.26) | 1a.a9.1632.ip4.static.sl-reverse.com | - | High
+11 | [51.218.181.145](https://vuldb.com/?ip.51.218.181.145) | - | - | High
+12 | [52.85.144.32](https://vuldb.com/?ip.52.85.144.32) | server-52-85-144-32.iad89.r.cloudfront.net | - | High
+13 | [52.114.128.43](https://vuldb.com/?ip.52.114.128.43) | - | - | High
+14 | ... | ... | ... | ...

-There are 36 more IOC items available. Please use our online service to access the data.
+There are 52 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -40,12 +44,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-25 | Pathname Traversal | High
-2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
+1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-25, CWE-28 | Pathname Traversal | High
+2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-94 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
-6 | T1068 | CWE-250, CWE-264, CWE-266, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
+6 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
 7 | ... | ... | ... | ...

 There are 22 more TTP items available. Please use our online service to access the data.
@ -57,35 +61,51 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
 1 | File | `%PROGRAMDATA%\Razer\Synapse3\Service\bin` | High
-2 | File | `/+CSCOE+/logon.html` | High
-3 | File | `//` | Low
-4 | File | `/admin/doctors/view_doctor.php` | High
-5 | File | `/appliance/users?action=edit` | High
-6 | File | `/backup.pl` | Medium
-7 | File | `/bin/boa` | Medium
-8 | File | `/classes/Master.php?f=delete_reservation` | High
-9 | File | `/config/getuser` | High
-10 | File | `/data-service/users/` | High
-11 | File | `/DXR.axd` | Medium
-12 | File | `/goform/formWPS` | High
-13 | File | `/IISADMPWD` | Medium
-14 | File | `/inc/campaign/count_of_send.php` | High
-15 | File | `/index.php` | Medium
-16 | File | `/js/app.js` | Medium
-17 | File | `/login` | Low
-18 | File | `/mgmt/tm/util/bash` | High
-19 | File | `/northstar/Portal/processlogin.jsp` | High
-20 | File | `/public/plugins/` | High
-21 | File | `/rdms/admin/?page=user/manage_user` | High
-22 | File | `/registration.php` | High
-23 | File | `/rest/api/1.0/issues/{id}/ActionsAndOperations` | High
-24 | File | `/rest/collectors/1.0/template/custom` | High
-25 | File | `/SAP_Information_System/controllers/add_admin.php` | High
-26 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
-27 | File | `/secure/QueryComponent!Default.jspa` | High
-28 | ... | ... | ...
+2 | File | `.travis.yml` | Medium
+3 | File | `/+CSCOE+/logon.html` | High
+4 | File | `/?p=products` | Medium
+5 | File | `/admin.php/accessory/filesdel.html` | High
+6 | File | `/admin/?page=user/manage` | High
+7 | File | `/admin/add-new.php` | High
+8 | File | `/admin/doctors.php` | High
+9 | File | `/admin/submit-articles` | High
+10 | File | `/alphaware/summary.php` | High
+11 | File | `/api/` | Low
+12 | File | `/api/admin/store/product/list` | High
+13 | File | `/api/stl/actions/search` | High
+14 | File | `/api/v2/cli/commands` | High
+15 | File | `/attachments` | Medium
+16 | File | `/backup.pl` | Medium
+17 | File | `/bin/ate` | Medium
+18 | File | `/bin/boa` | Medium
+19 | File | `/boat/login.php` | High
+20 | File | `/bsms_ci/index.php/book` | High
+21 | File | `/cgi-bin` | Medium
+22 | File | `/cgi-bin/wlogin.cgi` | High
+23 | File | `/classes/Master.php?f=delete_reservation` | High
+24 | File | `/context/%2e/WEB-INF/web.xml` | High
+25 | File | `/debug/pprof` | Medium
+26 | File | `/DXR.axd` | Medium
+27 | File | `/env` | Low
+28 | File | `/etc/hosts` | Medium
+29 | File | `/forum/away.php` | High
+30 | File | `/goform/formWPS` | High
+31 | File | `/goform/wizard_end` | High
+32 | File | `/inc/campaign/count_of_send.php` | High
+33 | File | `/medicines/profile.php` | High
+34 | File | `/mgmt/tm/util/bash` | High
+35 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
+36 | File | `/php-sms/admin/?page=user/manage_user` | High
+37 | File | `/proxy` | Low
+38 | File | `/rdms/admin/?page=user/manage_user` | High
+39 | File | `/reservation/add_message.php` | High
+40 | File | `/secure/QueryComponent!Default.jspa` | High
+41 | File | `/shell` | Low
+42 | File | `/spip.php` | Medium
+43 | File | `/templates/importinline.vm` | High
+44 | ... | ... | ...

-There are 235 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 377 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

@ -101,6 +121,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://blog.talosintelligence.com/2021/07/threat-roundup-0625-0702.html
 * https://blog.talosintelligence.com/2021/08/threat-roundup-0730-0806.html
 * https://tria.ge/221114-t9vvtagh7t
+* https://www.cyber45.com

 ## Literature

--- a/actors/OceanLotus/README.md
+++ b/actors/OceanLotus/README.md
@ -15,11 +15,11 @@ The following _campaigns_ are known and can be associated with OceanLotus:
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with OceanLotus:

 * [US](https://vuldb.com/?country.us)
-* [CN](https://vuldb.com/?country.cn)
 * [RU](https://vuldb.com/?country.ru)
+* [GB](https://vuldb.com/?country.gb)
 * ...

-There are 2 more country items available. Please use our online service to access the data.
+There are 1 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -52,7 +52,7 @@ ID | IP address | Hostname | Campaign | Confidence
 23 | [46.183.223.106](https://vuldb.com/?ip.46.183.223.106) | ip-223-106.dataclub.info | - | High
 24 | ... | ... | ... | ...

-There are 92 more IOC items available. Please use our online service to access the data.
+There are 91 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -98,7 +98,7 @@ ID | Type | Indicator | Confidence
 23 | File | `admin/languages.php` | High
 24 | ... | ... | ...

-There are 205 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 204 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/Cruiser/README.md
+++ b/Cruiser/README.md
@ -0,0 +1,32 @@
+# Operation Star Cruiser - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Operation Star Cruiser](https://vuldb.com/?actor.operation_star_cruiser). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.operation_star_cruiser](https://vuldb.com/?actor.operation_star_cruiser)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Operation Star Cruiser.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [104.222.231.91](https://vuldb.com/?ip.104.222.231.91) | - | - | High
+2 | [104.222.238.216](https://vuldb.com/?ip.104.222.238.216) | - | - | High
+3 | [104.224.219.107](https://vuldb.com/?ip.104.224.219.107) | - | - | High
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.cyber45.com
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/Orchard/README.md
+++ b/actors/Orchard/README.md
@ -74,7 +74,7 @@ ID | Type | Indicator | Confidence
 23 | File | `/question/ask` | High
 24 | ... | ... | ...

-There are 201 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 203 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/POWERTRASH/README.md
+++ b/actors/POWERTRASH/README.md
@ -0,0 +1,30 @@
+# POWERTRASH - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [POWERTRASH](https://vuldb.com/?actor.powertrash). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.powertrash](https://vuldb.com/?actor.powertrash)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of POWERTRASH.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [185.39.204.19](https://vuldb.com/?ip.185.39.204.19) | tuu.ip-ptr.tech | - | High
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://twitter.com/TLP_R3D/status/1671437049658761217
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/Patchwork/README.md
+++ b/actors/Patchwork/README.md
@ -20,7 +20,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [RU](https://vuldb.com/?country.ru)
 * ...

-There are 28 more country items available. Please use our online service to access the data.
+There are 27 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -95,11 +95,9 @@ ID | IP address | Hostname | Campaign | Confidence
 65 | [46.165.248.236](https://vuldb.com/?ip.46.165.248.236) | - | - | High
 66 | [46.165.248.237](https://vuldb.com/?ip.46.165.248.237) | - | - | High
 67 | [46.165.248.238](https://vuldb.com/?ip.46.165.248.238) | - | - | High
-68 | [46.165.248.239](https://vuldb.com/?ip.46.165.248.239) | - | - | High
-69 | [46.165.248.240](https://vuldb.com/?ip.46.165.248.240) | - | - | High
-70 | ... | ... | ... | ...
+68 | ... | ... | ... | ...

-There are 275 more IOC items available. Please use our online service to access the data.
+There are 270 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -124,10 +122,10 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
 1 | File | `/+CSCOE+/logon.html` | High
-2 | File | `/ajax/networking/get_netcfg.php` | High
-3 | File | `/api/gen/clients/{language}` | High
-4 | File | `/app/options.py` | High
-5 | File | `/apply_noauth.cgi` | High
+2 | File | `/ajax.php?action=read_msg` | High
+3 | File | `/ajax/networking/get_netcfg.php` | High
+4 | File | `/api/gen/clients/{language}` | High
+5 | File | `/app/options.py` | High
 6 | File | `/bin/httpd` | Medium
 7 | File | `/cgi-bin/wapopen` | High
 8 | File | `/ci_spms/admin/category` | High
@ -162,10 +160,9 @@ ID | Type | Indicator | Confidence
 37 | File | `/s/` | Low
 38 | File | `/scripts/cpan_config` | High
 39 | File | `/secure/admin/InsightDefaultCustomFieldConfig.jspa` | High
-40 | File | `/shell` | Low
-41 | ... | ... | ...
+40 | ... | ... | ...

-There are 357 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 346 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/Pikabot/README.md
+++ b/actors/Pikabot/README.md
@ -21,15 +21,16 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi

 ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
-1 | [38.54.33.239](https://vuldb.com/?ip.38.54.33.239) | - | - | High
-2 | [45.85.235.39](https://vuldb.com/?ip.45.85.235.39) | - | - | High
-3 | [45.154.24.57](https://vuldb.com/?ip.45.154.24.57) | - | - | High
-4 | [67.21.33.188](https://vuldb.com/?ip.67.21.33.188) | oy5bj6thee.ah1556.com | - | High
-5 | [67.21.33.208](https://vuldb.com/?ip.67.21.33.208) | rcs92zewb1.absolutehomecarekent.com | - | High
-6 | [76.115.120.231](https://vuldb.com/?ip.76.115.120.231) | c-76-115-120-231.hsd1.or.comcast.net | - | High
-7 | [81.254.128.85](https://vuldb.com/?ip.81.254.128.85) | lfbn-lil-1-546-85.w81-254.abo.wanadoo.fr | - | High
-8 | [85.215.162.167](https://vuldb.com/?ip.85.215.162.167) | ip85.215.162.167.pbiaas.com | - | High
-9 | ... | ... | ... | ...
+1 | [8.20.255.249](https://vuldb.com/?ip.8.20.255.249) | - | - | High
+2 | [38.54.33.239](https://vuldb.com/?ip.38.54.33.239) | - | - | High
+3 | [45.85.235.39](https://vuldb.com/?ip.45.85.235.39) | - | - | High
+4 | [45.154.24.57](https://vuldb.com/?ip.45.154.24.57) | - | - | High
+5 | [67.21.33.188](https://vuldb.com/?ip.67.21.33.188) | oy5bj6thee.ah1556.com | - | High
+6 | [67.21.33.208](https://vuldb.com/?ip.67.21.33.208) | rcs92zewb1.absolutehomecarekent.com | - | High
+7 | [76.115.120.231](https://vuldb.com/?ip.76.115.120.231) | c-76-115-120-231.hsd1.or.comcast.net | - | High
+8 | [81.254.128.85](https://vuldb.com/?ip.81.254.128.85) | lfbn-lil-1-546-85.w81-254.abo.wanadoo.fr | - | High
+9 | [85.215.162.167](https://vuldb.com/?ip.85.215.162.167) | ip85.215.162.167.pbiaas.com | - | High
+10 | ... | ... | ... | ...

 There are 34 more IOC items available. Please use our online service to access the data.

@ -61,7 +62,7 @@ ID | Type | Indicator | Confidence
 7 | File | `/proc/self/environ` | High
 8 | ... | ... | ...

-There are 53 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 56 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/Prometei/README.md
+++ b/actors/Prometei/README.md
@ -51,7 +51,7 @@ ID | Type | Indicator | Confidence
 7 | File | `/newsDia.php` | Medium
 8 | ... | ... | ...

-There are 57 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 59 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/Spider/README.md
+++ b/Spider/README.md
@ -90,40 +90,40 @@ ID | Type | Indicator | Confidence
 28 | File | `/admin/products/manage_product.php` | High
 29 | File | `/admin/products/view_product.php` | High
 30 | File | `/admin/read.php?mudi=getSignal` | High
-31 | File | `/admin/reminders/manage_reminder.php` | High
-32 | File | `/admin/report/index.php` | High
-33 | File | `/admin/reportupload.aspx` | High
-34 | File | `/admin/sales/manage_sale.php` | High
-35 | File | `/admin/service.php` | High
-36 | File | `/admin/services/manage_service.php` | High
-37 | File | `/admin/services/view_service.php` | High
-38 | File | `/admin/service_requests/manage_inventory.php` | High
-39 | File | `/admin/update_s6.php` | High
-40 | File | `/admin/user/manage_user.php` | High
-41 | File | `/admin/userprofile.php` | High
-42 | File | `/admin_area/login_transfer.php` | High
-43 | File | `/adms/admin/?page=user/manage_user` | High
-44 | File | `/adms/admin/?page=vehicles/view_transaction` | High
-45 | File | `/ajax.php?action=read_msg` | High
-46 | File | `/ajax.php?action=save_company` | High
-47 | File | `/ajax/update_certificate` | High
-48 | File | `/alphaware/details.php` | High
-49 | File | `/api/stl/actions/search` | High
-50 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
-51 | File | `/cgi-bin/ping.cgi` | High
-52 | File | `/cgi-bin/touchlist_sync.cgi` | High
-53 | File | `/cgi-bin/wlogin.cgi` | High
-54 | File | `/changeimage.php` | High
-55 | File | `/classes/Login.php` | High
-56 | File | `/classes/Master.php` | High
-57 | File | `/classes/Master.php?f=delete_inquiry` | High
-58 | File | `/classes/Master.php?f=delete_item` | High
-59 | File | `/classes/Master.php?f=delete_service` | High
-60 | File | `/classes/Master.php?f=delete_sub_category` | High
-61 | File | `/classes/Master.php?f=save_course` | High
+31 | File | `/admin/reg.php` | High
+32 | File | `/admin/reminders/manage_reminder.php` | High
+33 | File | `/admin/report/index.php` | High
+34 | File | `/admin/reportupload.aspx` | High
+35 | File | `/admin/sales/manage_sale.php` | High
+36 | File | `/admin/service.php` | High
+37 | File | `/admin/services/manage_service.php` | High
+38 | File | `/admin/services/view_service.php` | High
+39 | File | `/admin/service_requests/manage_inventory.php` | High
+40 | File | `/admin/update_s6.php` | High
+41 | File | `/admin/user/manage_user.php` | High
+42 | File | `/admin/userprofile.php` | High
+43 | File | `/admin_area/login_transfer.php` | High
+44 | File | `/adms/admin/?page=user/manage_user` | High
+45 | File | `/adms/admin/?page=vehicles/view_transaction` | High
+46 | File | `/ajax.php?action=read_msg` | High
+47 | File | `/ajax.php?action=save_company` | High
+48 | File | `/ajax/update_certificate` | High
+49 | File | `/alphaware/details.php` | High
+50 | File | `/api/stl/actions/search` | High
+51 | File | `/booking/show_bookings/` | High
+52 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
+53 | File | `/cgi-bin/ping.cgi` | High
+54 | File | `/cgi-bin/touchlist_sync.cgi` | High
+55 | File | `/cgi-bin/wlogin.cgi` | High
+56 | File | `/changeimage.php` | High
+57 | File | `/classes/Login.php` | High
+58 | File | `/classes/Master.php` | High
+59 | File | `/classes/Master.php?f=delete_inquiry` | High
+60 | File | `/classes/Master.php?f=delete_item` | High
+61 | File | `/classes/Master.php?f=delete_service` | High
 62 | ... | ... | ...

-There are 541 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 545 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/RAT/README.md
+++ b/RAT/README.md
@ -10,7 +10,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce

 * [VN](https://vuldb.com/?country.vn)
 * [CN](https://vuldb.com/?country.cn)
-* [RU](https://vuldb.com/?country.ru)
+* [LA](https://vuldb.com/?country.la)
 * ...

 There are 2 more country items available. Please use our online service to access the data.
@ -27,48 +27,54 @@ ID | IP address | Hostname | Campaign | Confidence
 4 | [3.71.116.67](https://vuldb.com/?ip.3.71.116.67) | ec2-3-71-116-67.eu-central-1.compute.amazonaws.com | - | Medium
 5 | [3.83.129.253](https://vuldb.com/?ip.3.83.129.253) | ec2-3-83-129-253.compute-1.amazonaws.com | - | Medium
 6 | [3.121.208.125](https://vuldb.com/?ip.3.121.208.125) | ec2-3-121-208-125.eu-central-1.compute.amazonaws.com | - | Medium
-7 | [5.161.113.202](https://vuldb.com/?ip.5.161.113.202) | static.202.113.161.5.clients.your-server.de | - | High
-8 | [5.181.166.139](https://vuldb.com/?ip.5.181.166.139) | - | - | High
-9 | [13.233.24.14](https://vuldb.com/?ip.13.233.24.14) | ec2-13-233-24-14.ap-south-1.compute.amazonaws.com | - | Medium
-10 | [14.32.99.105](https://vuldb.com/?ip.14.32.99.105) | - | - | High
-11 | [14.225.204.247](https://vuldb.com/?ip.14.225.204.247) | static.vnpt.vn | - | High
-12 | [14.225.254.32](https://vuldb.com/?ip.14.225.254.32) | - | - | High
-13 | [15.165.236.45](https://vuldb.com/?ip.15.165.236.45) | ec2-15-165-236-45.ap-northeast-2.compute.amazonaws.com | - | Medium
-14 | [15.204.13.245](https://vuldb.com/?ip.15.204.13.245) | ip245.ip-15-204-13.us | - | High
-15 | [20.123.197.130](https://vuldb.com/?ip.20.123.197.130) | - | - | High
-16 | [20.218.120.153](https://vuldb.com/?ip.20.218.120.153) | - | - | High
-17 | [20.223.155.39](https://vuldb.com/?ip.20.223.155.39) | - | - | High
-18 | [20.231.104.157](https://vuldb.com/?ip.20.231.104.157) | - | - | High
-19 | [23.105.131.196](https://vuldb.com/?ip.23.105.131.196) | mail196.nessfist.com | - | High
-20 | [27.11.235.246](https://vuldb.com/?ip.27.11.235.246) | - | - | High
-21 | [27.72.56.186](https://vuldb.com/?ip.27.72.56.186) | dynamic-ip-adsl.viettel.vn | - | High
-22 | [31.7.63.14](https://vuldb.com/?ip.31.7.63.14) | rack223ch.idfnv.ne | - | High
-23 | [34.96.240.37](https://vuldb.com/?ip.34.96.240.37) | 37.240.96.34.bc.googleusercontent.com | - | Medium
-24 | [34.125.93.181](https://vuldb.com/?ip.34.125.93.181) | 181.93.125.34.bc.googleusercontent.com | - | Medium
-25 | [35.79.36.216](https://vuldb.com/?ip.35.79.36.216) | ec2-35-79-36-216.ap-northeast-1.compute.amazonaws.com | - | Medium
-26 | [35.157.111.131](https://vuldb.com/?ip.35.157.111.131) | ec2-35-157-111-131.eu-central-1.compute.amazonaws.com | - | Medium
-27 | [35.177.17.33](https://vuldb.com/?ip.35.177.17.33) | ec2-35-177-17-33.eu-west-2.compute.amazonaws.com | - | Medium
-28 | [37.0.11.118](https://vuldb.com/?ip.37.0.11.118) | - | - | High
-29 | [37.0.14.205](https://vuldb.com/?ip.37.0.14.205) | - | - | High
-30 | [37.48.117.136](https://vuldb.com/?ip.37.48.117.136) | - | - | High
-31 | [37.120.206.86](https://vuldb.com/?ip.37.120.206.86) | - | - | High
-32 | [37.120.210.219](https://vuldb.com/?ip.37.120.210.219) | - | - | High
-33 | [38.242.128.85](https://vuldb.com/?ip.38.242.128.85) | vmi1149994.contaboserver.net | - | High
-34 | [39.107.242.96](https://vuldb.com/?ip.39.107.242.96) | - | - | High
-35 | [40.117.196.252](https://vuldb.com/?ip.40.117.196.252) | - | - | High
-36 | [41.79.11.214](https://vuldb.com/?ip.41.79.11.214) | - | - | High
-37 | [41.102.117.114](https://vuldb.com/?ip.41.102.117.114) | - | - | High
-38 | [41.232.207.130](https://vuldb.com/?ip.41.232.207.130) | host-41.232.207.130.tedata.net | - | High
-39 | [41.234.44.38](https://vuldb.com/?ip.41.234.44.38) | host-41.234.44.38.tedata.net | - | High
-40 | [41.234.46.29](https://vuldb.com/?ip.41.234.46.29) | host-41.234.46.29.tedata.net | - | High
-41 | [42.192.132.19](https://vuldb.com/?ip.42.192.132.19) | - | - | High
-42 | [43.154.232.190](https://vuldb.com/?ip.43.154.232.190) | - | - | High
-43 | [43.240.48.46](https://vuldb.com/?ip.43.240.48.46) | - | - | High
-44 | [45.12.213.244](https://vuldb.com/?ip.45.12.213.244) | vm2521174.52ssd.had.wf | - | High
-45 | [45.14.13.20](https://vuldb.com/?ip.45.14.13.20) | free.example.com | - | High
-46 | ... | ... | ... | ...
+7 | [5.61.44.125](https://vuldb.com/?ip.5.61.44.125) | - | - | High
+8 | [5.102.157.70](https://vuldb.com/?ip.5.102.157.70) | - | - | High
+9 | [5.161.113.202](https://vuldb.com/?ip.5.161.113.202) | static.202.113.161.5.clients.your-server.de | - | High
+10 | [5.161.184.38](https://vuldb.com/?ip.5.161.184.38) | static.38.184.161.5.clients.your-server.de | - | High
+11 | [5.181.166.139](https://vuldb.com/?ip.5.181.166.139) | - | - | High
+12 | [13.233.24.14](https://vuldb.com/?ip.13.233.24.14) | ec2-13-233-24-14.ap-south-1.compute.amazonaws.com | - | Medium
+13 | [14.32.99.105](https://vuldb.com/?ip.14.32.99.105) | - | - | High
+14 | [14.225.204.247](https://vuldb.com/?ip.14.225.204.247) | static.vnpt.vn | - | High
+15 | [14.225.254.32](https://vuldb.com/?ip.14.225.254.32) | - | - | High
+16 | [15.165.236.45](https://vuldb.com/?ip.15.165.236.45) | ec2-15-165-236-45.ap-northeast-2.compute.amazonaws.com | - | Medium
+17 | [15.204.13.245](https://vuldb.com/?ip.15.204.13.245) | ip245.ip-15-204-13.us | - | High
+18 | [20.123.197.130](https://vuldb.com/?ip.20.123.197.130) | - | - | High
+19 | [20.218.120.153](https://vuldb.com/?ip.20.218.120.153) | - | - | High
+20 | [20.223.155.39](https://vuldb.com/?ip.20.223.155.39) | - | - | High
+21 | [20.231.104.157](https://vuldb.com/?ip.20.231.104.157) | - | - | High
+22 | [23.105.131.196](https://vuldb.com/?ip.23.105.131.196) | mail196.nessfist.com | - | High
+23 | [27.11.235.246](https://vuldb.com/?ip.27.11.235.246) | - | - | High
+24 | [27.72.56.186](https://vuldb.com/?ip.27.72.56.186) | dynamic-ip-adsl.viettel.vn | - | High
+25 | [31.7.63.14](https://vuldb.com/?ip.31.7.63.14) | rack223ch.idfnv.ne | - | High
+26 | [31.220.15.249](https://vuldb.com/?ip.31.220.15.249) | - | - | High
+27 | [34.96.240.37](https://vuldb.com/?ip.34.96.240.37) | 37.240.96.34.bc.googleusercontent.com | - | Medium
+28 | [34.125.93.181](https://vuldb.com/?ip.34.125.93.181) | 181.93.125.34.bc.googleusercontent.com | - | Medium
+29 | [34.146.234.67](https://vuldb.com/?ip.34.146.234.67) | 67.234.146.34.bc.googleusercontent.com | - | Medium
+30 | [35.79.36.216](https://vuldb.com/?ip.35.79.36.216) | ec2-35-79-36-216.ap-northeast-1.compute.amazonaws.com | - | Medium
+31 | [35.157.111.131](https://vuldb.com/?ip.35.157.111.131) | ec2-35-157-111-131.eu-central-1.compute.amazonaws.com | - | Medium
+32 | [35.177.17.33](https://vuldb.com/?ip.35.177.17.33) | ec2-35-177-17-33.eu-west-2.compute.amazonaws.com | - | Medium
+33 | [37.0.11.118](https://vuldb.com/?ip.37.0.11.118) | - | - | High
+34 | [37.0.14.205](https://vuldb.com/?ip.37.0.14.205) | - | - | High
+35 | [37.48.117.136](https://vuldb.com/?ip.37.48.117.136) | - | - | High
+36 | [37.120.206.86](https://vuldb.com/?ip.37.120.206.86) | - | - | High
+37 | [37.120.210.219](https://vuldb.com/?ip.37.120.210.219) | - | - | High
+38 | [38.242.128.85](https://vuldb.com/?ip.38.242.128.85) | vmi1149994.contaboserver.net | - | High
+39 | [39.107.242.96](https://vuldb.com/?ip.39.107.242.96) | - | - | High
+40 | [40.117.196.252](https://vuldb.com/?ip.40.117.196.252) | - | - | High
+41 | [41.79.11.214](https://vuldb.com/?ip.41.79.11.214) | - | - | High
+42 | [41.102.117.114](https://vuldb.com/?ip.41.102.117.114) | - | - | High
+43 | [41.143.172.69](https://vuldb.com/?ip.41.143.172.69) | - | - | High
+44 | [41.232.207.130](https://vuldb.com/?ip.41.232.207.130) | host-41.232.207.130.tedata.net | - | High
+45 | [41.234.44.38](https://vuldb.com/?ip.41.234.44.38) | host-41.234.44.38.tedata.net | - | High
+46 | [41.234.46.29](https://vuldb.com/?ip.41.234.46.29) | host-41.234.46.29.tedata.net | - | High
+47 | [42.192.132.19](https://vuldb.com/?ip.42.192.132.19) | - | - | High
+48 | [43.154.232.190](https://vuldb.com/?ip.43.154.232.190) | - | - | High
+49 | [43.240.48.46](https://vuldb.com/?ip.43.240.48.46) | - | - | High
+50 | [45.12.213.244](https://vuldb.com/?ip.45.12.213.244) | vm2521174.52ssd.had.wf | - | High
+51 | [45.14.13.20](https://vuldb.com/?ip.45.14.13.20) | free.example.com | - | High
+52 | ... | ... | ... | ...

-There are 178 more IOC items available. Please use our online service to access the data.
+There are 206 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -76,13 +82,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-29, CWE-425 | Pathname Traversal | High
+1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-29, CWE-425 | Pathname Traversal | High
 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-94 | Cross Site Scripting | High
 5 | ... | ... | ... | ...

-There are 15 more TTP items available. Please use our online service to access the data.
+There are 16 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -90,33 +96,38 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic

 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `/admin.php?c=upload&f=zip&_noCache=0.1683794968` | High
-2 | File | `/admin/?page=user/list` | High
-3 | File | `/admin/addproduct.php` | High
-4 | File | `/admin/ajax.php?action=save_area` | High
-5 | File | `/admin/contacts/organizations/edit/2` | High
-6 | File | `/admin/modal_add_product.php` | High
-7 | File | `/admin/reportupload.aspx` | High
-8 | File | `/admin/update_s6.php` | High
-9 | File | `/ajax.php?action=read_msg` | High
-10 | File | `/ajax.php?action=save_company` | High
-11 | File | `/Applications/Google\ Drive.app/Contents/MacOS` | High
+1 | File | `/admin/?page=user/list` | High
+2 | File | `/admin/addproduct.php` | High
+3 | File | `/admin/ajax.php?action=save_area` | High
+4 | File | `/admin/contacts/organizations/edit/2` | High
+5 | File | `/admin/modal_add_product.php` | High
+6 | File | `/admin/reportupload.aspx` | High
+7 | File | `/admin/update_s6.php` | High
+8 | File | `/ajax.php?action=read_msg` | High
+9 | File | `/ajax.php?action=save_company` | High
+10 | File | `/Applications/Google\ Drive.app/Contents/MacOS` | High
+11 | File | `/authenticationendpoint/login.do` | High
 12 | File | `/bin/login` | Medium
-13 | File | `/cgi-bin/wlogin.cgi` | High
-14 | File | `/changeimage.php` | High
-15 | File | `/classes/Users.php?f=save` | High
-16 | File | `/DXR.axd` | Medium
-17 | File | `/forum/away.php` | High
-18 | File | `/HNAP1` | Low
-19 | File | `/Login/CheckLogin` | High
-20 | File | `/note/index/delete` | High
-21 | File | `/owa/auth/logon.aspx` | High
-22 | File | `/SystemManage/Organize/GetTreeGridJson?_search=false&nd=1681813520783&rows=10000&page=1&sidx=&sord=asc` | High
-23 | File | `/SystemManage/Role/GetGridJson?keyword=&page=1&rows=20` | High
-24 | File | `/SystemManage/User/GetGridJson?_search=false&nd=1680855479750&rows=50&page=1&sidx=F_CreatorTime+desc&sord=asc` | High
-25 | ... | ... | ...
+13 | File | `/cgi-bin/luci` | High
+14 | File | `/cgi-bin/wlogin.cgi` | High
+15 | File | `/changeimage.php` | High
+16 | File | `/classes/Users.php?f=save` | High
+17 | File | `/DXR.axd` | Medium
+18 | File | `/forum/away.php` | High
+19 | File | `/HNAP1` | Low
+20 | File | `/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab_0B73635494734D66B9C015CAC149EB05` | High
+21 | File | `/mc` | Low
+22 | File | `/note/index/delete` | High
+23 | File | `/owa/auth/logon.aspx` | High
+24 | File | `/php-inventory-management-system/product.php` | High
+25 | File | `/send_order.cgi?parameter=restart` | High
+26 | File | `/tmp/boa-temp` | High
+27 | File | `/userfs/bin/tcapi` | High
+28 | File | `/var/log/nginx` | High
+29 | File | `/wp-admin/admin-ajax.php` | High
+30 | ... | ... | ...

-There are 210 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 254 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

@ -124,8 +135,11 @@ The following list contains _external sources_ which discuss the actor and the a

 * https://app.any.run/tasks/089e71c3-a8ec-4837-832c-f11bb556df64/
 * https://app.any.run/tasks/1b81e1ee-d29a-4e74-87a7-8414c70fcae2
+* https://app.any.run/tasks/2a8ea228-8fd7-4d3e-ab72-b5c67f9381b4
 * https://app.any.run/tasks/77c2cda1-c294-4ab4-a3b4-281e55e49ef0/
+* https://app.any.run/tasks/acefc9eb-a4be-4593-b715-91c71644088c
 * https://app.any.run/tasks/dc07af29-b227-406c-80f3-437198cf053c
+* https://bazaar.abuse.ch/sample/67e056d8f7e8d81f2228b6ccc2e8797042bb4803803afa1d64eb0c43eadd0a63/
 * https://bazaar.abuse.ch/sample/cbe3da3ca7ef71d66700647008807306e0829d6e683bee35fc7a9cac064d01a5/
 * https://bazaar.abuse.ch/sample/cf4e53b7758ebb9a9470cb6fd3a2c69fcd96e045534ab80a44eac752c09e50f0/
 * https://threatfox.abuse.ch
--- a/actors/Raspberry
+++ b/actors/Raspberry
@ -4,68 +4,35 @@ These _indicators_ were reported, collected, and generated during the [VulDB CTI

 _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.raspberry_robin](https://vuldb.com/?actor.raspberry_robin)

-## Countries
-
-These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Raspberry Robin:
-
-* [US](https://vuldb.com/?country.us)
-* [DE](https://vuldb.com/?country.de)
-* [ES](https://vuldb.com/?country.es)
-* ...
-
-There are 9 more country items available. Please use our online service to access the data.
-
 ## IOC - Indicator of Compromise

 These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Raspberry Robin.

 ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
-1 | [37.223.74.108](https://vuldb.com/?ip.37.223.74.108) | - | - | High
-2 | [46.11.6.104](https://vuldb.com/?ip.46.11.6.104) | - | - | High
-3 | [46.11.83.236](https://vuldb.com/?ip.46.11.83.236) | - | - | High
-4 | [46.11.88.157](https://vuldb.com/?ip.46.11.88.157) | - | - | High
-5 | [46.11.88.251](https://vuldb.com/?ip.46.11.88.251) | - | - | High
-6 | [46.217.252.5](https://vuldb.com/?ip.46.217.252.5) | - | - | High
-7 | [46.217.252.172](https://vuldb.com/?ip.46.217.252.172) | - | - | High
-8 | [46.246.235.240](https://vuldb.com/?ip.46.246.235.240) | 46.246.235.240.dsl.dyn.forthnet.gr | - | High
-9 | [47.62.21.60](https://vuldb.com/?ip.47.62.21.60) | 47-62-21-60.red-acceso.airtel.net | - | High
-10 | [47.62.80.170](https://vuldb.com/?ip.47.62.80.170) | 47-62-80-170.red-acceso.airtel.net | - | High
-11 | [62.117.214.168](https://vuldb.com/?ip.62.117.214.168) | 62.117.214.168.dyn.user.ono.com | - | High
-12 | [77.0.14.225](https://vuldb.com/?ip.77.0.14.225) | dynamic-077-000-014-225.77.0.pool.telefonica.de | - | High
-13 | [77.0.54.234](https://vuldb.com/?ip.77.0.54.234) | dynamic-077-000-054-234.77.0.pool.telefonica.de | - | High
-14 | ... | ... | ... | ...
+1 | [1.163.239.22](https://vuldb.com/?ip.1.163.239.22) | 1-163-239-22.dynamic-ip.hinet.net | - | High
+2 | [1.175.74.58](https://vuldb.com/?ip.1.175.74.58) | 1-175-74-58.dynamic-ip.hinet.net | - | High
+3 | [1.175.125.217](https://vuldb.com/?ip.1.175.125.217) | 1-175-125-217.dynamic-ip.hinet.net | - | High
+4 | [1.175.137.191](https://vuldb.com/?ip.1.175.137.191) | 1-175-137-191.dynamic-ip.hinet.net | - | High
+5 | [1.175.153.226](https://vuldb.com/?ip.1.175.153.226) | 1-175-153-226.dynamic-ip.hinet.net | - | High
+6 | [31.17.3.210](https://vuldb.com/?ip.31.17.3.210) | ip1f1103d2.dynamic.kabel-deutschland.de | - | High
+7 | [37.223.74.108](https://vuldb.com/?ip.37.223.74.108) | - | - | High
+8 | [46.11.6.104](https://vuldb.com/?ip.46.11.6.104) | - | - | High
+9 | [46.11.83.236](https://vuldb.com/?ip.46.11.83.236) | - | - | High
+10 | [46.11.88.157](https://vuldb.com/?ip.46.11.88.157) | - | - | High
+11 | [46.11.88.251](https://vuldb.com/?ip.46.11.88.251) | - | - | High
+12 | [46.217.252.5](https://vuldb.com/?ip.46.217.252.5) | - | - | High
+13 | [46.217.252.172](https://vuldb.com/?ip.46.217.252.172) | - | - | High
+14 | [46.246.235.240](https://vuldb.com/?ip.46.246.235.240) | 46.246.235.240.dsl.dyn.forthnet.gr | - | High
+15 | [47.62.21.60](https://vuldb.com/?ip.47.62.21.60) | 47-62-21-60.red-acceso.airtel.net | - | High
+16 | [47.62.80.170](https://vuldb.com/?ip.47.62.80.170) | 47-62-80-170.red-acceso.airtel.net | - | High
+17 | [58.136.1.101](https://vuldb.com/?ip.58.136.1.101) | - | - | High
+18 | [58.136.239.28](https://vuldb.com/?ip.58.136.239.28) | - | - | High
+19 | [58.177.98.79](https://vuldb.com/?ip.58.177.98.79) | 058177098079.ctinets.com | - | High
+20 | [61.68.74.170](https://vuldb.com/?ip.61.68.74.170) | 61-68-74-170.tpgi.com.au | - | High
+21 | ... | ... | ... | ...

-There are 50 more IOC items available. Please use our online service to access the data.
-
-## TTP - Tactics, Techniques, Procedures
-
-_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Raspberry Robin_. This data is unique as it uses our predictive model for actor profiling.
-
-ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-22 | Pathname Traversal | High
-2 | T1055 | CWE-74 | Injection | High
-3 | T1059 | CWE-94 | Cross Site Scripting | High
-4 | T1059.007 | CWE-79 | Cross Site Scripting | High
-5 | ... | ... | ... | ...
-
-There are 15 more TTP items available. Please use our online service to access the data.
-
-## IOA - Indicator of Attack
-
-These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Raspberry Robin. This data is unique as it uses our predictive model for actor profiling.
-
-ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
-1 | File | `/+CSCOE+/logon.html` | High
-2 | File | `/.env` | Low
-3 | File | `/advanced-tools/nova/bin/netwatch` | High
-4 | File | `/server-info` | Medium
-5 | File | `/usr/bin/pkexec` | High
-6 | ... | ... | ...
-
-There are 36 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 81 more IOC items available. Please use our online service to access the data.

 ## References

@ -73,6 +40,8 @@ The following list contains _external sources_ which discuss the actor and the a

 * https://1275.ru/ioc/191/raspberry-robin-worm-iocs/
 * https://1275.ru/ioc/365/raspberry-robin-worm-iocs-part-2/
+* https://threatfox.abuse.ch
+* https://twitter.com/DTCERT/status/1565664874633564162

 ## Literature

--- a/actors/Rattlesnake/README.md
+++ b/actors/Rattlesnake/README.md
@ -0,0 +1,55 @@
+# Rattlesnake - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Rattlesnake](https://vuldb.com/?actor.rattlesnake). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.rattlesnake](https://vuldb.com/?actor.rattlesnake)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Rattlesnake:
+
+* [RU](https://vuldb.com/?country.ru)
+* [US](https://vuldb.com/?country.us)
+* [CN](https://vuldb.com/?country.cn)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Rattlesnake.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [37.139.29.117](https://vuldb.com/?ip.37.139.29.117) | - | - | High
+2 | [188.241.68.144](https://vuldb.com/?ip.188.241.68.144) | epwigtaghn.ru | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Rattlesnake_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1592 | CWE-200 | Configuration | High
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Rattlesnake. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `kbdint.c` | Medium
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.cyber45.com
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/RedFoxtrot/README.md
+++ b/actors/RedFoxtrot/README.md
@ -68,9 +68,10 @@ ID | Type | Indicator | Confidence
 17 | File | `auth-gss2.c` | Medium
 18 | File | `bcbadmSettings.jsp` | High
 19 | File | `books.php` | Medium
-20 | ... | ... | ...
+20 | File | `cgi.c` | Low
+21 | ... | ... | ...

-There are 168 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 169 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/Stealer/README.md
+++ b/Stealer/README.md
@ -829,9 +829,10 @@ ID | IP address | Hostname | Campaign | Confidence
 806 | [45.150.67.126](https://vuldb.com/?ip.45.150.67.126) | example.com | - | High
 807 | [45.150.67.128](https://vuldb.com/?ip.45.150.67.128) | vpn2529md.com | - | High
 808 | [45.150.67.151](https://vuldb.com/?ip.45.150.67.151) | vm1279157.stark-industries.solutions | - | High
-809 | ... | ... | ... | ...
+809 | [45.150.67.236](https://vuldb.com/?ip.45.150.67.236) | licher2.lone.example.com | - | High
+810 | ... | ... | ... | ...

-There are 3234 more IOC items available. Please use our online service to access the data.
+There are 3235 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -864,54 +865,54 @@ ID | Type | Indicator | Confidence
 8 | File | `/admin/maintenance/brand.php` | High
 9 | File | `/admin/maintenance/view_designation.php` | High
 10 | File | `/admin/mechanics/manage_mechanic.php` | High
-11 | File | `/admin/user/manage_user.php` | High
-12 | File | `/admin/userprofile.php` | High
-13 | File | `/admin/voters_row.php` | High
-14 | File | `/ajax.php?action=save_company` | High
-15 | File | `/ajax.php?action=save_user` | High
-16 | File | `/ajax/myshop` | Medium
-17 | File | `/alerts/alertConfigField.php` | High
-18 | File | `/api/stl/actions/search` | High
-19 | File | `/api/v2/cli/commands` | High
-20 | File | `/authenticationendpoint/login.do` | High
-21 | File | `/backup.pl` | Medium
-22 | File | `/cas/logout` | Medium
-23 | File | `/cgi-bin` | Medium
-24 | File | `/cgi-bin/system_mgr.cgi` | High
-25 | File | `/contactform/contactform.php` | High
-26 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
-27 | File | `/dcim/rack-roles/` | High
-28 | File | `/DXR.axd` | Medium
-29 | File | `/env` | Low
-30 | File | `/feeds/post/publish` | High
-31 | File | `/film-rating.php` | High
-32 | File | `/forum/away.php` | High
-33 | File | `/goform/WifiGuestSet` | High
-34 | File | `/inc/jquery/uploadify/uploadify.php` | High
-35 | File | `/inc/topBarNav.php` | High
-36 | File | `/index.php` | Medium
-37 | File | `/index.php?app=main&func=passport&action=login` | High
-38 | File | `/index.php?page=category_list` | High
-39 | File | `/index.php?s=/article/ApiAdminArticle/itemAdd` | High
-40 | File | `/jobinfo/` | Medium
-41 | File | `/kelas/data` | Medium
-42 | File | `/kelasdosen/data` | High
-43 | File | `/librarian/bookdetails.php` | High
-44 | File | `/mantis/view_all_bug_page.php` | High
-45 | File | `/modules/projects/vw_files.php` | High
-46 | File | `/Moosikay/order.php` | High
-47 | File | `/nasm/nasm-parse.c` | High
-48 | File | `/opac/Actions.php?a=login` | High
-49 | File | `/out.php` | Medium
-50 | File | `/PreviewHandler.ashx` | High
-51 | File | `/reservation/add_message.php` | High
-52 | File | `/see_more_details.php` | High
-53 | File | `/services/indexing/preview` | High
-54 | File | `/student/bookdetails.php` | High
-55 | File | `/upgrade` | Medium
+11 | File | `/admin/positions_add.php` | High
+12 | File | `/admin/user/manage_user.php` | High
+13 | File | `/admin/userprofile.php` | High
+14 | File | `/admin/voters_row.php` | High
+15 | File | `/ajax.php?action=save_company` | High
+16 | File | `/ajax.php?action=save_user` | High
+17 | File | `/ajax/myshop` | Medium
+18 | File | `/alerts/alertConfigField.php` | High
+19 | File | `/api/stl/actions/search` | High
+20 | File | `/api/v2/cli/commands` | High
+21 | File | `/authenticationendpoint/login.do` | High
+22 | File | `/backup.pl` | Medium
+23 | File | `/cas/logout` | Medium
+24 | File | `/cgi-bin` | Medium
+25 | File | `/cgi-bin/system_mgr.cgi` | High
+26 | File | `/contactform/contactform.php` | High
+27 | File | `/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx` | High
+28 | File | `/dcim/rack-roles/` | High
+29 | File | `/DXR.axd` | Medium
+30 | File | `/env` | Low
+31 | File | `/feeds/post/publish` | High
+32 | File | `/film-rating.php` | High
+33 | File | `/forum/away.php` | High
+34 | File | `/goform/WifiGuestSet` | High
+35 | File | `/inc/jquery/uploadify/uploadify.php` | High
+36 | File | `/inc/topBarNav.php` | High
+37 | File | `/index.php` | Medium
+38 | File | `/index.php?app=main&func=passport&action=login` | High
+39 | File | `/index.php?page=category_list` | High
+40 | File | `/index.php?s=/article/ApiAdminArticle/itemAdd` | High
+41 | File | `/jobinfo/` | Medium
+42 | File | `/kelas/data` | Medium
+43 | File | `/kelasdosen/data` | High
+44 | File | `/librarian/bookdetails.php` | High
+45 | File | `/mantis/view_all_bug_page.php` | High
+46 | File | `/modules/projects/vw_files.php` | High
+47 | File | `/Moosikay/order.php` | High
+48 | File | `/nasm/nasm-parse.c` | High
+49 | File | `/opac/Actions.php?a=login` | High
+50 | File | `/out.php` | Medium
+51 | File | `/PreviewHandler.ashx` | High
+52 | File | `/reservation/add_message.php` | High
+53 | File | `/see_more_details.php` | High
+54 | File | `/services/indexing/preview` | High
+55 | File | `/student/bookdetails.php` | High
 56 | ... | ... | ...

-There are 490 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 489 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

@ -951,6 +952,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://app.any.run/tasks/82ec3045-fea7-4e48-bdb0-3b4387daf0ea
 * https://app.any.run/tasks/83ddae45-68bc-4863-9740-899497396e5c
 * https://app.any.run/tasks/91f32395-7c7e-41a9-8174-4e651c4715dc/
+* https://app.any.run/tasks/173b2306-33e2-4682-b1fa-e87457e7c8ab
 * https://app.any.run/tasks/524dba93-413b-40c0-8e80-71f9a878ee1c
 * https://app.any.run/tasks/532df5b1-d120-415d-9bd1-7ac9883f8e25
 * https://app.any.run/tasks/856e6eb5-9f60-46ff-a46c-7d7cbf704f02
--- a/actors/Remcos/README.md
+++ b/actors/Remcos/README.md
@ -41,218 +41,228 @@ ID | IP address | Hostname | Campaign | Confidence
 12 | [5.181.234.145](https://vuldb.com/?ip.5.181.234.145) | - | - | High
 13 | [5.206.227.115](https://vuldb.com/?ip.5.206.227.115) | 1877 | - | High
 14 | [5.249.226.166](https://vuldb.com/?ip.5.249.226.166) | uw19.uniweb.no | - | High
-15 | [8.253.139.120](https://vuldb.com/?ip.8.253.139.120) | - | - | High
-16 | [10.11.0.5](https://vuldb.com/?ip.10.11.0.5) | - | - | High
-17 | [10.15.0.17](https://vuldb.com/?ip.10.15.0.17) | - | - | High
-18 | [10.15.0.18](https://vuldb.com/?ip.10.15.0.18) | - | - | High
-19 | [10.15.0.19](https://vuldb.com/?ip.10.15.0.19) | - | - | High
-20 | [10.15.0.23](https://vuldb.com/?ip.10.15.0.23) | - | - | High
-21 | [10.15.0.30](https://vuldb.com/?ip.10.15.0.30) | - | - | High
-22 | [10.16.0.13](https://vuldb.com/?ip.10.16.0.13) | - | - | High
-23 | [10.16.0.30](https://vuldb.com/?ip.10.16.0.30) | - | - | High
-24 | [13.107.21.200](https://vuldb.com/?ip.13.107.21.200) | - | - | High
-25 | [13.107.42.12](https://vuldb.com/?ip.13.107.42.12) | 1drv.ms | - | High
-26 | [13.107.42.13](https://vuldb.com/?ip.13.107.42.13) | - | - | High
-27 | [13.107.43.12](https://vuldb.com/?ip.13.107.43.12) | - | - | High
-28 | [13.107.43.13](https://vuldb.com/?ip.13.107.43.13) | - | - | High
-29 | [13.225.214.71](https://vuldb.com/?ip.13.225.214.71) | server-13-225-214-71.ewr50.r.cloudfront.net | - | High
-30 | [13.225.214.91](https://vuldb.com/?ip.13.225.214.91) | server-13-225-214-91.ewr50.r.cloudfront.net | - | High
-31 | [13.225.214.108](https://vuldb.com/?ip.13.225.214.108) | server-13-225-214-108.ewr50.r.cloudfront.net | - | High
-32 | [13.225.230.20](https://vuldb.com/?ip.13.225.230.20) | server-13-225-230-20.jfk51.r.cloudfront.net | - | High
-33 | [13.250.255.10](https://vuldb.com/?ip.13.250.255.10) | ec2-13-250-255-10.ap-southeast-1.compute.amazonaws.com | - | Medium
-34 | [15.197.142.173](https://vuldb.com/?ip.15.197.142.173) | a4ec4c6ea1c92e2e6.awsglobalaccelerator.com | - | High
-35 | [15.235.53.10](https://vuldb.com/?ip.15.235.53.10) | ns5012329.ip-15-235-53.net | - | High
-36 | [15.237.137.33](https://vuldb.com/?ip.15.237.137.33) | ec2-15-237-137-33.eu-west-3.compute.amazonaws.com | - | Medium
-37 | [18.214.132.216](https://vuldb.com/?ip.18.214.132.216) | ec2-18-214-132-216.compute-1.amazonaws.com | - | Medium
-38 | [18.218.132.40](https://vuldb.com/?ip.18.218.132.40) | ec2-18-218-132-40.us-east-2.compute.amazonaws.com | - | Medium
-39 | [20.7.43.70](https://vuldb.com/?ip.20.7.43.70) | - | - | High
-40 | [20.36.253.92](https://vuldb.com/?ip.20.36.253.92) | - | - | High
-41 | [20.38.32.202](https://vuldb.com/?ip.20.38.32.202) | - | - | High
-42 | [20.42.73.27](https://vuldb.com/?ip.20.42.73.27) | - | - | High
-43 | [20.69.164.162](https://vuldb.com/?ip.20.69.164.162) | - | - | High
-44 | [20.106.76.138](https://vuldb.com/?ip.20.106.76.138) | - | - | High
-45 | [20.106.94.110](https://vuldb.com/?ip.20.106.94.110) | - | - | High
-46 | [20.110.185.77](https://vuldb.com/?ip.20.110.185.77) | - | - | High
-47 | [20.110.197.26](https://vuldb.com/?ip.20.110.197.26) | - | - | High
-48 | [20.112.83.244](https://vuldb.com/?ip.20.112.83.244) | - | - | High
-49 | [20.114.21.181](https://vuldb.com/?ip.20.114.21.181) | - | - | High
-50 | [20.124.111.166](https://vuldb.com/?ip.20.124.111.166) | - | - | High
-51 | [20.190.151.7](https://vuldb.com/?ip.20.190.151.7) | - | - | High
-52 | [20.190.151.8](https://vuldb.com/?ip.20.190.151.8) | - | - | High
-53 | [20.190.151.68](https://vuldb.com/?ip.20.190.151.68) | - | - | High
-54 | [20.190.151.70](https://vuldb.com/?ip.20.190.151.70) | - | - | High
-55 | [20.190.151.131](https://vuldb.com/?ip.20.190.151.131) | - | - | High
-56 | [20.190.151.132](https://vuldb.com/?ip.20.190.151.132) | - | - | High
-57 | [20.190.151.133](https://vuldb.com/?ip.20.190.151.133) | - | - | High
-58 | [20.190.152.21](https://vuldb.com/?ip.20.190.152.21) | - | - | High
-59 | [20.190.154.139](https://vuldb.com/?ip.20.190.154.139) | - | - | High
-60 | [20.225.154.34](https://vuldb.com/?ip.20.225.154.34) | - | - | High
-61 | [20.251.10.189](https://vuldb.com/?ip.20.251.10.189) | - | - | High
-62 | [23.3.13.88](https://vuldb.com/?ip.23.3.13.88) | a23-3-13-88.deploy.static.akamaitechnologies.com | - | High
-63 | [23.3.13.154](https://vuldb.com/?ip.23.3.13.154) | a23-3-13-154.deploy.static.akamaitechnologies.com | - | High
-64 | [23.19.227.82](https://vuldb.com/?ip.23.19.227.82) | - | - | High
-65 | [23.19.227.171](https://vuldb.com/?ip.23.19.227.171) | - | - | High
-66 | [23.19.227.243](https://vuldb.com/?ip.23.19.227.243) | - | - | High
-67 | [23.21.27.29](https://vuldb.com/?ip.23.21.27.29) | ec2-23-21-27-29.compute-1.amazonaws.com | - | Medium
-68 | [23.21.205.229](https://vuldb.com/?ip.23.21.205.229) | ec2-23-21-205-229.compute-1.amazonaws.com | - | Medium
-69 | [23.21.213.140](https://vuldb.com/?ip.23.21.213.140) | ec2-23-21-213-140.compute-1.amazonaws.com | - | Medium
-70 | [23.38.131.139](https://vuldb.com/?ip.23.38.131.139) | a23-38-131-139.deploy.static.akamaitechnologies.com | - | High
-71 | [23.46.239.18](https://vuldb.com/?ip.23.46.239.18) | a23-46-239-18.deploy.static.akamaitechnologies.com | - | High
-72 | [23.56.9.181](https://vuldb.com/?ip.23.56.9.181) | a23-56-9-181.deploy.static.akamaitechnologies.com | - | High
-73 | [23.78.173.83](https://vuldb.com/?ip.23.78.173.83) | a23-78-173-83.deploy.static.akamaitechnologies.com | - | High
-74 | [23.82.12.29](https://vuldb.com/?ip.23.82.12.29) | - | - | High
-75 | [23.105.131.132](https://vuldb.com/?ip.23.105.131.132) | mail132.nessfist.com | - | High
-76 | [23.105.131.141](https://vuldb.com/?ip.23.105.131.141) | mail141.nessfist.com | - | High
-77 | [23.105.131.186](https://vuldb.com/?ip.23.105.131.186) | mail186.nessfist.com | - | High
-78 | [23.105.131.193](https://vuldb.com/?ip.23.105.131.193) | - | - | High
-79 | [23.105.131.206](https://vuldb.com/?ip.23.105.131.206) | mail206.nessfist.com | - | High
-80 | [23.105.131.209](https://vuldb.com/?ip.23.105.131.209) | - | - | High
-81 | [23.105.131.211](https://vuldb.com/?ip.23.105.131.211) | mail211.nessfist.com | - | High
-82 | [23.105.131.220](https://vuldb.com/?ip.23.105.131.220) | mail220.nessfist.com | - | High
-83 | [23.105.131.222](https://vuldb.com/?ip.23.105.131.222) | - | - | High
-84 | [23.105.131.235](https://vuldb.com/?ip.23.105.131.235) | mail235.nessfist.com | - | High
-85 | [23.105.131.238](https://vuldb.com/?ip.23.105.131.238) | mail238.nessfist.com | - | High
-86 | [23.105.131.244](https://vuldb.com/?ip.23.105.131.244) | mail244.nessfist.com | - | High
-87 | [23.106.124.111](https://vuldb.com/?ip.23.106.124.111) | - | - | High
-88 | [23.146.242.71](https://vuldb.com/?ip.23.146.242.71) | - | - | High
-89 | [23.146.242.110](https://vuldb.com/?ip.23.146.242.110) | - | - | High
-90 | [23.196.74.222](https://vuldb.com/?ip.23.196.74.222) | a23-196-74-222.deploy.static.akamaitechnologies.com | - | High
-91 | [23.199.63.11](https://vuldb.com/?ip.23.199.63.11) | a23-199-63-11.deploy.static.akamaitechnologies.com | - | High
-92 | [23.199.63.83](https://vuldb.com/?ip.23.199.63.83) | a23-199-63-83.deploy.static.akamaitechnologies.com | - | High
-93 | [23.223.37.181](https://vuldb.com/?ip.23.223.37.181) | a23-223-37-181.deploy.static.akamaitechnologies.com | - | High
-94 | [23.226.128.197](https://vuldb.com/?ip.23.226.128.197) | 23.226.128.197.static.quadranet.com | - | High
-95 | [23.227.38.74](https://vuldb.com/?ip.23.227.38.74) | - | - | High
-96 | [31.3.152.100](https://vuldb.com/?ip.31.3.152.100) | 100.152.3.31.in-addr.arpa | - | High
-97 | [31.192.232.48](https://vuldb.com/?ip.31.192.232.48) | lindaj18.barber.pserver.space | - | High
-98 | [31.210.20.56](https://vuldb.com/?ip.31.210.20.56) | - | - | High
-99 | [31.210.20.130](https://vuldb.com/?ip.31.210.20.130) | - | - | High
-100 | [31.210.20.224](https://vuldb.com/?ip.31.210.20.224) | - | - | High
-101 | [31.210.20.236](https://vuldb.com/?ip.31.210.20.236) | - | - | High
-102 | [31.210.21.205](https://vuldb.com/?ip.31.210.21.205) | lit4.top | - | High
-103 | [34.96.116.138](https://vuldb.com/?ip.34.96.116.138) | 138.116.96.34.bc.googleusercontent.com | - | Medium
-104 | [34.102.136.180](https://vuldb.com/?ip.34.102.136.180) | 180.136.102.34.bc.googleusercontent.com | - | Medium
-105 | [34.117.168.233](https://vuldb.com/?ip.34.117.168.233) | 233.168.117.34.bc.googleusercontent.com | - | Medium
-106 | [34.192.250.175](https://vuldb.com/?ip.34.192.250.175) | ec2-34-192-250-175.compute-1.amazonaws.com | - | Medium
-107 | [34.197.12.81](https://vuldb.com/?ip.34.197.12.81) | ec2-34-197-12-81.compute-1.amazonaws.com | - | Medium
-108 | [34.202.33.33](https://vuldb.com/?ip.34.202.33.33) | ec2-34-202-33-33.compute-1.amazonaws.com | - | Medium
-109 | [34.239.194.181](https://vuldb.com/?ip.34.239.194.181) | ec2-34-239-194-181.compute-1.amazonaws.com | - | Medium
-110 | [35.205.61.67](https://vuldb.com/?ip.35.205.61.67) | 67.61.205.35.bc.googleusercontent.com | - | Medium
-111 | [35.214.144.124](https://vuldb.com/?ip.35.214.144.124) | 124.144.214.35.bc.googleusercontent.com | - | Medium
-112 | [37.0.10.217](https://vuldb.com/?ip.37.0.10.217) | - | - | High
-113 | [37.0.11.114](https://vuldb.com/?ip.37.0.11.114) | - | - | High
-114 | [37.0.11.230](https://vuldb.com/?ip.37.0.11.230) | - | - | High
-115 | [37.0.14.195](https://vuldb.com/?ip.37.0.14.195) | - | - | High
-116 | [37.0.14.198](https://vuldb.com/?ip.37.0.14.198) | - | - | High
-117 | [37.0.14.199](https://vuldb.com/?ip.37.0.14.199) | - | - | High
-118 | [37.0.14.203](https://vuldb.com/?ip.37.0.14.203) | - | - | High
-119 | [37.0.14.204](https://vuldb.com/?ip.37.0.14.204) | - | - | High
-120 | [37.0.14.206](https://vuldb.com/?ip.37.0.14.206) | - | - | High
-121 | [37.0.14.207](https://vuldb.com/?ip.37.0.14.207) | - | - | High
-122 | [37.0.14.209](https://vuldb.com/?ip.37.0.14.209) | - | - | High
-123 | [37.0.14.210](https://vuldb.com/?ip.37.0.14.210) | host-37-0-14-210.static.deli-one.co.uk | - | High
-124 | [37.0.14.211](https://vuldb.com/?ip.37.0.14.211) | - | - | High
-125 | [37.0.14.216](https://vuldb.com/?ip.37.0.14.216) | - | - | High
-126 | [37.0.14.217](https://vuldb.com/?ip.37.0.14.217) | - | - | High
-127 | [37.1.206.16](https://vuldb.com/?ip.37.1.206.16) | free.ispiria.net | - | High
-128 | [37.1.206.146](https://vuldb.com/?ip.37.1.206.146) | - | - | High
-129 | [37.19.193.217](https://vuldb.com/?ip.37.19.193.217) | unn-37-19-193-217.cdn77.com | - | High
-130 | [37.46.150.211](https://vuldb.com/?ip.37.46.150.211) | convert-concern.needratio.com | - | High
-131 | [37.120.138.222](https://vuldb.com/?ip.37.120.138.222) | - | - | High
-132 | [37.120.155.179](https://vuldb.com/?ip.37.120.155.179) | - | - | High
-133 | [37.120.210.219](https://vuldb.com/?ip.37.120.210.219) | - | - | High
-134 | [37.120.217.243](https://vuldb.com/?ip.37.120.217.243) | - | - | High
-135 | [37.123.118.150](https://vuldb.com/?ip.37.123.118.150) | - | - | High
-136 | [37.139.64.106](https://vuldb.com/?ip.37.139.64.106) | - | - | High
-137 | [37.139.128.4](https://vuldb.com/?ip.37.139.128.4) | - | - | High
-138 | [37.139.128.24](https://vuldb.com/?ip.37.139.128.24) | - | - | High
-139 | [37.139.129.142](https://vuldb.com/?ip.37.139.129.142) | - | - | High
-140 | [37.230.130.153](https://vuldb.com/?ip.37.230.130.153) | - | - | High
-141 | [37.230.178.57](https://vuldb.com/?ip.37.230.178.57) | - | - | High
-142 | [37.235.1.174](https://vuldb.com/?ip.37.235.1.174) | resolver1.freedns.zone.powered.by.virtexxa.com | - | High
-143 | [37.235.1.177](https://vuldb.com/?ip.37.235.1.177) | resolver2.freedns.zone.powered.by.virtexxa.com | - | High
-144 | [38.26.191.78](https://vuldb.com/?ip.38.26.191.78) | - | - | High
-145 | [38.68.53.190](https://vuldb.com/?ip.38.68.53.190) | - | - | High
-146 | [38.242.134.118](https://vuldb.com/?ip.38.242.134.118) | vmi997441.contaboserver.net | - | High
-147 | [38.242.246.175](https://vuldb.com/?ip.38.242.246.175) | vmi838644.contaboserver.net | - | High
-148 | [40.126.26.134](https://vuldb.com/?ip.40.126.26.134) | - | - | High
-149 | [40.126.28.12](https://vuldb.com/?ip.40.126.28.12) | - | - | High
-150 | [40.126.28.22](https://vuldb.com/?ip.40.126.28.22) | - | - | High
-151 | [41.190.3.209](https://vuldb.com/?ip.41.190.3.209) | www.9mobile.com.ng | - | High
-152 | [41.216.183.96](https://vuldb.com/?ip.41.216.183.96) | - | - | High
-153 | [41.216.183.195](https://vuldb.com/?ip.41.216.183.195) | - | - | High
-154 | [41.216.183.226](https://vuldb.com/?ip.41.216.183.226) | - | - | High
-155 | [43.226.229.83](https://vuldb.com/?ip.43.226.229.83) | - | - | High
-156 | [44.230.27.49](https://vuldb.com/?ip.44.230.27.49) | ec2-44-230-27-49.us-west-2.compute.amazonaws.com | - | Medium
-157 | [44.238.161.76](https://vuldb.com/?ip.44.238.161.76) | ec2-44-238-161-76.us-west-2.compute.amazonaws.com | - | Medium
-158 | [45.15.143.148](https://vuldb.com/?ip.45.15.143.148) | - | - | High
-159 | [45.62.170.248](https://vuldb.com/?ip.45.62.170.248) | - | - | High
-160 | [45.66.151.212](https://vuldb.com/?ip.45.66.151.212) | - | - | High
-161 | [45.74.32.12](https://vuldb.com/?ip.45.74.32.12) | - | - | High
-162 | [45.81.39.21](https://vuldb.com/?ip.45.81.39.21) | - | - | High
-163 | [45.81.243.246](https://vuldb.com/?ip.45.81.243.246) | - | - | High
-164 | [45.82.84.10](https://vuldb.com/?ip.45.82.84.10) | 45.82.84.10.deltahost-ptr | - | High
-165 | [45.83.129.166](https://vuldb.com/?ip.45.83.129.166) | - | - | High
-166 | [45.87.61.104](https://vuldb.com/?ip.45.87.61.104) | - | - | High
-167 | [45.88.66.122](https://vuldb.com/?ip.45.88.66.122) | runningegg.xyz | - | High
-168 | [45.90.222.204](https://vuldb.com/?ip.45.90.222.204) | 45-90-222-204-hostedby.bcr.host | - | High
-169 | [45.95.168.62](https://vuldb.com/?ip.45.95.168.62) | maxko-hosting.com | - | High
-170 | [45.128.234.54](https://vuldb.com/?ip.45.128.234.54) | - | - | High
-171 | [45.133.1.34](https://vuldb.com/?ip.45.133.1.34) | - | - | High
-172 | [45.133.1.47](https://vuldb.com/?ip.45.133.1.47) | - | - | High
-173 | [45.133.1.72](https://vuldb.com/?ip.45.133.1.72) | - | - | High
-174 | [45.133.174.55](https://vuldb.com/?ip.45.133.174.55) | - | - | High
-175 | [45.133.174.77](https://vuldb.com/?ip.45.133.174.77) | - | - | High
-176 | [45.133.174.177](https://vuldb.com/?ip.45.133.174.177) | - | - | High
-177 | [45.133.174.187](https://vuldb.com/?ip.45.133.174.187) | - | - | High
-178 | [45.137.22.52](https://vuldb.com/?ip.45.137.22.52) | hosted-by.rootlayer.net | - | High
-179 | [45.137.22.77](https://vuldb.com/?ip.45.137.22.77) | mail.governorsperic.xyz | - | High
-180 | [45.137.22.101](https://vuldb.com/?ip.45.137.22.101) | hosted-by.rootlayer.net | - | High
-181 | [45.137.22.104](https://vuldb.com/?ip.45.137.22.104) | hosted-by.rootlayer.net | - | High
-182 | [45.137.22.107](https://vuldb.com/?ip.45.137.22.107) | hosted-by.rootlayer.net | - | High
-183 | [45.137.22.116](https://vuldb.com/?ip.45.137.22.116) | hosted-by.rootlayer.net | - | High
-184 | [45.137.22.236](https://vuldb.com/?ip.45.137.22.236) | hosted-by.rootlayer.net | - | High
-185 | [45.137.22.248](https://vuldb.com/?ip.45.137.22.248) | hosted-by.rootlayer.net | - | High
-186 | [45.137.116.253](https://vuldb.com/?ip.45.137.116.253) | rs-zap1025641-3.zap-srv.com | - | High
-187 | [45.137.118.105](https://vuldb.com/?ip.45.137.118.105) | - | - | High
-188 | [45.138.16.39](https://vuldb.com/?ip.45.138.16.39) | - | - | High
-189 | [45.138.172.94](https://vuldb.com/?ip.45.138.172.94) | - | - | High
-190 | [45.139.105.174](https://vuldb.com/?ip.45.139.105.174) | - | - | High
-191 | [45.144.225.112](https://vuldb.com/?ip.45.144.225.112) | - | - | High
-192 | [45.144.225.213](https://vuldb.com/?ip.45.144.225.213) | - | - | High
-193 | [45.144.225.221](https://vuldb.com/?ip.45.144.225.221) | - | - | High
-194 | [45.148.17.62](https://vuldb.com/?ip.45.148.17.62) | mail.spokel.se | - | High
-195 | [45.154.4.64](https://vuldb.com/?ip.45.154.4.64) | - | - | High
-196 | [45.155.165.117](https://vuldb.com/?ip.45.155.165.117) | - | - | High
-197 | [45.155.165.139](https://vuldb.com/?ip.45.155.165.139) | - | - | High
-198 | [45.155.165.160](https://vuldb.com/?ip.45.155.165.160) | - | - | High
-199 | [46.2.255.122](https://vuldb.com/?ip.46.2.255.122) | - | - | High
-200 | [46.8.211.72](https://vuldb.com/?ip.46.8.211.72) | - | - | High
-201 | [46.105.127.143](https://vuldb.com/?ip.46.105.127.143) | ns385442.ip-46-105-127.eu | - | High
-202 | [46.183.216.163](https://vuldb.com/?ip.46.183.216.163) | tagoe.lstartanalystconcepts.org.uk | - | High
-203 | [46.183.217.11](https://vuldb.com/?ip.46.183.217.11) | raimis.comanchor.com | - | High
-204 | [46.183.220.61](https://vuldb.com/?ip.46.183.220.61) | ip-220-61.dataclub.info | - | High
-205 | [46.183.220.67](https://vuldb.com/?ip.46.183.220.67) | ip-220-67.dataclub.info | - | High
-206 | [46.183.220.203](https://vuldb.com/?ip.46.183.220.203) | ip-220-203.dataclub.info | - | High
-207 | [46.183.223.57](https://vuldb.com/?ip.46.183.223.57) | ip-223-57.dataclub.info | - | High
-208 | [46.243.147.194](https://vuldb.com/?ip.46.243.147.194) | - | - | High
-209 | [46.243.239.36](https://vuldb.com/?ip.46.243.239.36) | - | - | High
-210 | [46.243.239.153](https://vuldb.com/?ip.46.243.239.153) | - | - | High
-211 | [46.243.249.150](https://vuldb.com/?ip.46.243.249.150) | - | - | High
-212 | [46.246.80.68](https://vuldb.com/?ip.46.246.80.68) | c-46-246-80-68.ip4.frootvpn.com | - | High
-213 | [47.254.172.117](https://vuldb.com/?ip.47.254.172.117) | - | - | High
-214 | [50.16.234.229](https://vuldb.com/?ip.50.16.234.229) | ec2-50-16-234-229.compute-1.amazonaws.com | - | Medium
-215 | [50.63.202.36](https://vuldb.com/?ip.50.63.202.36) | ip-50-63-202-36.ip.secureserver.net | - | High
-216 | [51.15.229.127](https://vuldb.com/?ip.51.15.229.127) | 127-229-15-51.instances.scw.cloud | - | High
-217 | [51.75.209.242](https://vuldb.com/?ip.51.75.209.242) | ip242.ip-51-75-209.eu | - | High
-218 | [51.75.209.245](https://vuldb.com/?ip.51.75.209.245) | ip245.ip-51-75-209.eu | - | High
-219 | [51.81.193.203](https://vuldb.com/?ip.51.81.193.203) | ip203.ip-51-81-193.us | - | High
-220 | [51.91.236.193](https://vuldb.com/?ip.51.91.236.193) | cluster028.hosting.ovh.net | - | High
-221 | [51.103.16.165](https://vuldb.com/?ip.51.103.16.165) | - | - | High
-222 | [51.161.212.232](https://vuldb.com/?ip.51.161.212.232) | ip232.ip-51-161-212.net | - | High
-223 | [51.195.57.234](https://vuldb.com/?ip.51.195.57.234) | ip234.ip-51-195-57.eu | - | High
-224 | ... | ... | ... | ...
+15 | [5.253.114.108](https://vuldb.com/?ip.5.253.114.108) | - | - | High
+16 | [6.43.51.17](https://vuldb.com/?ip.6.43.51.17) | - | - | High
+17 | [8.253.139.120](https://vuldb.com/?ip.8.253.139.120) | - | - | High
+18 | [10.11.0.5](https://vuldb.com/?ip.10.11.0.5) | - | - | High
+19 | [10.15.0.17](https://vuldb.com/?ip.10.15.0.17) | - | - | High
+20 | [10.15.0.18](https://vuldb.com/?ip.10.15.0.18) | - | - | High
+21 | [10.15.0.19](https://vuldb.com/?ip.10.15.0.19) | - | - | High
+22 | [10.15.0.23](https://vuldb.com/?ip.10.15.0.23) | - | - | High
+23 | [10.15.0.30](https://vuldb.com/?ip.10.15.0.30) | - | - | High
+24 | [10.16.0.13](https://vuldb.com/?ip.10.16.0.13) | - | - | High
+25 | [10.16.0.18](https://vuldb.com/?ip.10.16.0.18) | - | - | High
+26 | [10.16.0.30](https://vuldb.com/?ip.10.16.0.30) | - | - | High
+27 | [10.140.226.6](https://vuldb.com/?ip.10.140.226.6) | - | - | High
+28 | [13.107.21.200](https://vuldb.com/?ip.13.107.21.200) | - | - | High
+29 | [13.107.42.12](https://vuldb.com/?ip.13.107.42.12) | 1drv.ms | - | High
+30 | [13.107.42.13](https://vuldb.com/?ip.13.107.42.13) | - | - | High
+31 | [13.107.43.12](https://vuldb.com/?ip.13.107.43.12) | - | - | High
+32 | [13.107.43.13](https://vuldb.com/?ip.13.107.43.13) | - | - | High
+33 | [13.225.214.71](https://vuldb.com/?ip.13.225.214.71) | server-13-225-214-71.ewr50.r.cloudfront.net | - | High
+34 | [13.225.214.91](https://vuldb.com/?ip.13.225.214.91) | server-13-225-214-91.ewr50.r.cloudfront.net | - | High
+35 | [13.225.214.108](https://vuldb.com/?ip.13.225.214.108) | server-13-225-214-108.ewr50.r.cloudfront.net | - | High
+36 | [13.225.230.20](https://vuldb.com/?ip.13.225.230.20) | server-13-225-230-20.jfk51.r.cloudfront.net | - | High
+37 | [13.250.255.10](https://vuldb.com/?ip.13.250.255.10) | ec2-13-250-255-10.ap-southeast-1.compute.amazonaws.com | - | Medium
+38 | [15.197.142.173](https://vuldb.com/?ip.15.197.142.173) | a4ec4c6ea1c92e2e6.awsglobalaccelerator.com | - | High
+39 | [15.235.53.10](https://vuldb.com/?ip.15.235.53.10) | ns5012329.ip-15-235-53.net | - | High
+40 | [15.237.137.33](https://vuldb.com/?ip.15.237.137.33) | ec2-15-237-137-33.eu-west-3.compute.amazonaws.com | - | Medium
+41 | [18.214.132.216](https://vuldb.com/?ip.18.214.132.216) | ec2-18-214-132-216.compute-1.amazonaws.com | - | Medium
+42 | [18.218.132.40](https://vuldb.com/?ip.18.218.132.40) | ec2-18-218-132-40.us-east-2.compute.amazonaws.com | - | Medium
+43 | [20.7.43.70](https://vuldb.com/?ip.20.7.43.70) | - | - | High
+44 | [20.36.253.92](https://vuldb.com/?ip.20.36.253.92) | - | - | High
+45 | [20.38.32.202](https://vuldb.com/?ip.20.38.32.202) | - | - | High
+46 | [20.42.73.27](https://vuldb.com/?ip.20.42.73.27) | - | - | High
+47 | [20.69.164.162](https://vuldb.com/?ip.20.69.164.162) | - | - | High
+48 | [20.106.76.138](https://vuldb.com/?ip.20.106.76.138) | - | - | High
+49 | [20.106.94.110](https://vuldb.com/?ip.20.106.94.110) | - | - | High
+50 | [20.110.185.77](https://vuldb.com/?ip.20.110.185.77) | - | - | High
+51 | [20.110.197.26](https://vuldb.com/?ip.20.110.197.26) | - | - | High
+52 | [20.112.83.244](https://vuldb.com/?ip.20.112.83.244) | - | - | High
+53 | [20.114.21.181](https://vuldb.com/?ip.20.114.21.181) | - | - | High
+54 | [20.124.111.166](https://vuldb.com/?ip.20.124.111.166) | - | - | High
+55 | [20.190.151.7](https://vuldb.com/?ip.20.190.151.7) | - | - | High
+56 | [20.190.151.8](https://vuldb.com/?ip.20.190.151.8) | - | - | High
+57 | [20.190.151.68](https://vuldb.com/?ip.20.190.151.68) | - | - | High
+58 | [20.190.151.70](https://vuldb.com/?ip.20.190.151.70) | - | - | High
+59 | [20.190.151.131](https://vuldb.com/?ip.20.190.151.131) | - | - | High
+60 | [20.190.151.132](https://vuldb.com/?ip.20.190.151.132) | - | - | High
+61 | [20.190.151.133](https://vuldb.com/?ip.20.190.151.133) | - | - | High
+62 | [20.190.152.21](https://vuldb.com/?ip.20.190.152.21) | - | - | High
+63 | [20.190.154.139](https://vuldb.com/?ip.20.190.154.139) | - | - | High
+64 | [20.225.154.34](https://vuldb.com/?ip.20.225.154.34) | - | - | High
+65 | [20.251.10.189](https://vuldb.com/?ip.20.251.10.189) | - | - | High
+66 | [23.3.13.88](https://vuldb.com/?ip.23.3.13.88) | a23-3-13-88.deploy.static.akamaitechnologies.com | - | High
+67 | [23.3.13.154](https://vuldb.com/?ip.23.3.13.154) | a23-3-13-154.deploy.static.akamaitechnologies.com | - | High
+68 | [23.19.227.82](https://vuldb.com/?ip.23.19.227.82) | - | - | High
+69 | [23.19.227.171](https://vuldb.com/?ip.23.19.227.171) | - | - | High
+70 | [23.19.227.243](https://vuldb.com/?ip.23.19.227.243) | - | - | High
+71 | [23.21.27.29](https://vuldb.com/?ip.23.21.27.29) | ec2-23-21-27-29.compute-1.amazonaws.com | - | Medium
+72 | [23.21.205.229](https://vuldb.com/?ip.23.21.205.229) | ec2-23-21-205-229.compute-1.amazonaws.com | - | Medium
+73 | [23.21.213.140](https://vuldb.com/?ip.23.21.213.140) | ec2-23-21-213-140.compute-1.amazonaws.com | - | Medium
+74 | [23.38.131.139](https://vuldb.com/?ip.23.38.131.139) | a23-38-131-139.deploy.static.akamaitechnologies.com | - | High
+75 | [23.46.239.18](https://vuldb.com/?ip.23.46.239.18) | a23-46-239-18.deploy.static.akamaitechnologies.com | - | High
+76 | [23.56.9.181](https://vuldb.com/?ip.23.56.9.181) | a23-56-9-181.deploy.static.akamaitechnologies.com | - | High
+77 | [23.78.173.83](https://vuldb.com/?ip.23.78.173.83) | a23-78-173-83.deploy.static.akamaitechnologies.com | - | High
+78 | [23.82.12.29](https://vuldb.com/?ip.23.82.12.29) | - | - | High
+79 | [23.105.131.132](https://vuldb.com/?ip.23.105.131.132) | mail132.nessfist.com | - | High
+80 | [23.105.131.141](https://vuldb.com/?ip.23.105.131.141) | mail141.nessfist.com | - | High
+81 | [23.105.131.186](https://vuldb.com/?ip.23.105.131.186) | mail186.nessfist.com | - | High
+82 | [23.105.131.193](https://vuldb.com/?ip.23.105.131.193) | - | - | High
+83 | [23.105.131.206](https://vuldb.com/?ip.23.105.131.206) | mail206.nessfist.com | - | High
+84 | [23.105.131.209](https://vuldb.com/?ip.23.105.131.209) | - | - | High
+85 | [23.105.131.211](https://vuldb.com/?ip.23.105.131.211) | mail211.nessfist.com | - | High
+86 | [23.105.131.220](https://vuldb.com/?ip.23.105.131.220) | mail220.nessfist.com | - | High
+87 | [23.105.131.222](https://vuldb.com/?ip.23.105.131.222) | - | - | High
+88 | [23.105.131.235](https://vuldb.com/?ip.23.105.131.235) | mail235.nessfist.com | - | High
+89 | [23.105.131.238](https://vuldb.com/?ip.23.105.131.238) | mail238.nessfist.com | - | High
+90 | [23.105.131.244](https://vuldb.com/?ip.23.105.131.244) | mail244.nessfist.com | - | High
+91 | [23.106.124.111](https://vuldb.com/?ip.23.106.124.111) | - | - | High
+92 | [23.146.242.71](https://vuldb.com/?ip.23.146.242.71) | - | - | High
+93 | [23.146.242.110](https://vuldb.com/?ip.23.146.242.110) | - | - | High
+94 | [23.196.74.222](https://vuldb.com/?ip.23.196.74.222) | a23-196-74-222.deploy.static.akamaitechnologies.com | - | High
+95 | [23.199.63.11](https://vuldb.com/?ip.23.199.63.11) | a23-199-63-11.deploy.static.akamaitechnologies.com | - | High
+96 | [23.199.63.83](https://vuldb.com/?ip.23.199.63.83) | a23-199-63-83.deploy.static.akamaitechnologies.com | - | High
+97 | [23.223.37.181](https://vuldb.com/?ip.23.223.37.181) | a23-223-37-181.deploy.static.akamaitechnologies.com | - | High
+98 | [23.226.128.197](https://vuldb.com/?ip.23.226.128.197) | 23.226.128.197.static.quadranet.com | - | High
+99 | [23.227.38.74](https://vuldb.com/?ip.23.227.38.74) | - | - | High
+100 | [24.152.37.94](https://vuldb.com/?ip.24.152.37.94) | 24-152-37-94.masterdaweb.com | - | High
+101 | [31.3.152.100](https://vuldb.com/?ip.31.3.152.100) | 100.152.3.31.in-addr.arpa | - | High
+102 | [31.192.232.48](https://vuldb.com/?ip.31.192.232.48) | lindaj18.barber.pserver.space | - | High
+103 | [31.210.20.56](https://vuldb.com/?ip.31.210.20.56) | - | - | High
+104 | [31.210.20.130](https://vuldb.com/?ip.31.210.20.130) | - | - | High
+105 | [31.210.20.224](https://vuldb.com/?ip.31.210.20.224) | - | - | High
+106 | [31.210.20.236](https://vuldb.com/?ip.31.210.20.236) | - | - | High
+107 | [31.210.21.205](https://vuldb.com/?ip.31.210.21.205) | lit4.top | - | High
+108 | [34.96.116.138](https://vuldb.com/?ip.34.96.116.138) | 138.116.96.34.bc.googleusercontent.com | - | Medium
+109 | [34.102.136.180](https://vuldb.com/?ip.34.102.136.180) | 180.136.102.34.bc.googleusercontent.com | - | Medium
+110 | [34.117.168.233](https://vuldb.com/?ip.34.117.168.233) | 233.168.117.34.bc.googleusercontent.com | - | Medium
+111 | [34.192.250.175](https://vuldb.com/?ip.34.192.250.175) | ec2-34-192-250-175.compute-1.amazonaws.com | - | Medium
+112 | [34.197.12.81](https://vuldb.com/?ip.34.197.12.81) | ec2-34-197-12-81.compute-1.amazonaws.com | - | Medium
+113 | [34.202.33.33](https://vuldb.com/?ip.34.202.33.33) | ec2-34-202-33-33.compute-1.amazonaws.com | - | Medium
+114 | [34.239.194.181](https://vuldb.com/?ip.34.239.194.181) | ec2-34-239-194-181.compute-1.amazonaws.com | - | Medium
+115 | [35.205.61.67](https://vuldb.com/?ip.35.205.61.67) | 67.61.205.35.bc.googleusercontent.com | - | Medium
+116 | [35.214.144.124](https://vuldb.com/?ip.35.214.144.124) | 124.144.214.35.bc.googleusercontent.com | - | Medium
+117 | [37.0.10.217](https://vuldb.com/?ip.37.0.10.217) | - | - | High
+118 | [37.0.11.114](https://vuldb.com/?ip.37.0.11.114) | - | - | High
+119 | [37.0.11.230](https://vuldb.com/?ip.37.0.11.230) | - | - | High
+120 | [37.0.14.195](https://vuldb.com/?ip.37.0.14.195) | - | - | High
+121 | [37.0.14.198](https://vuldb.com/?ip.37.0.14.198) | - | - | High
+122 | [37.0.14.199](https://vuldb.com/?ip.37.0.14.199) | - | - | High
+123 | [37.0.14.203](https://vuldb.com/?ip.37.0.14.203) | - | - | High
+124 | [37.0.14.204](https://vuldb.com/?ip.37.0.14.204) | - | - | High
+125 | [37.0.14.206](https://vuldb.com/?ip.37.0.14.206) | - | - | High
+126 | [37.0.14.207](https://vuldb.com/?ip.37.0.14.207) | - | - | High
+127 | [37.0.14.209](https://vuldb.com/?ip.37.0.14.209) | - | - | High
+128 | [37.0.14.210](https://vuldb.com/?ip.37.0.14.210) | host-37-0-14-210.static.deli-one.co.uk | - | High
+129 | [37.0.14.211](https://vuldb.com/?ip.37.0.14.211) | - | - | High
+130 | [37.0.14.216](https://vuldb.com/?ip.37.0.14.216) | - | - | High
+131 | [37.0.14.217](https://vuldb.com/?ip.37.0.14.217) | - | - | High
+132 | [37.1.206.16](https://vuldb.com/?ip.37.1.206.16) | free.ispiria.net | - | High
+133 | [37.1.206.146](https://vuldb.com/?ip.37.1.206.146) | - | - | High
+134 | [37.19.193.217](https://vuldb.com/?ip.37.19.193.217) | unn-37-19-193-217.cdn77.com | - | High
+135 | [37.46.150.211](https://vuldb.com/?ip.37.46.150.211) | convert-concern.needratio.com | - | High
+136 | [37.120.138.222](https://vuldb.com/?ip.37.120.138.222) | - | - | High
+137 | [37.120.155.179](https://vuldb.com/?ip.37.120.155.179) | - | - | High
+138 | [37.120.210.219](https://vuldb.com/?ip.37.120.210.219) | - | - | High
+139 | [37.120.217.243](https://vuldb.com/?ip.37.120.217.243) | - | - | High
+140 | [37.123.118.150](https://vuldb.com/?ip.37.123.118.150) | - | - | High
+141 | [37.139.64.106](https://vuldb.com/?ip.37.139.64.106) | - | - | High
+142 | [37.139.128.4](https://vuldb.com/?ip.37.139.128.4) | - | - | High
+143 | [37.139.128.24](https://vuldb.com/?ip.37.139.128.24) | - | - | High
+144 | [37.139.129.142](https://vuldb.com/?ip.37.139.129.142) | - | - | High
+145 | [37.230.130.153](https://vuldb.com/?ip.37.230.130.153) | - | - | High
+146 | [37.230.178.57](https://vuldb.com/?ip.37.230.178.57) | - | - | High
+147 | [37.235.1.174](https://vuldb.com/?ip.37.235.1.174) | resolver1.freedns.zone.powered.by.virtexxa.com | - | High
+148 | [37.235.1.177](https://vuldb.com/?ip.37.235.1.177) | resolver2.freedns.zone.powered.by.virtexxa.com | - | High
+149 | [38.26.191.78](https://vuldb.com/?ip.38.26.191.78) | - | - | High
+150 | [38.68.53.190](https://vuldb.com/?ip.38.68.53.190) | - | - | High
+151 | [38.242.134.118](https://vuldb.com/?ip.38.242.134.118) | vmi997441.contaboserver.net | - | High
+152 | [38.242.246.175](https://vuldb.com/?ip.38.242.246.175) | vmi838644.contaboserver.net | - | High
+153 | [40.126.26.134](https://vuldb.com/?ip.40.126.26.134) | - | - | High
+154 | [40.126.28.12](https://vuldb.com/?ip.40.126.28.12) | - | - | High
+155 | [40.126.28.22](https://vuldb.com/?ip.40.126.28.22) | - | - | High
+156 | [41.190.3.209](https://vuldb.com/?ip.41.190.3.209) | www.9mobile.com.ng | - | High
+157 | [41.216.183.96](https://vuldb.com/?ip.41.216.183.96) | - | - | High
+158 | [41.216.183.195](https://vuldb.com/?ip.41.216.183.195) | - | - | High
+159 | [41.216.183.226](https://vuldb.com/?ip.41.216.183.226) | - | - | High
+160 | [43.226.229.83](https://vuldb.com/?ip.43.226.229.83) | - | - | High
+161 | [44.230.27.49](https://vuldb.com/?ip.44.230.27.49) | ec2-44-230-27-49.us-west-2.compute.amazonaws.com | - | Medium
+162 | [44.238.161.76](https://vuldb.com/?ip.44.238.161.76) | ec2-44-238-161-76.us-west-2.compute.amazonaws.com | - | Medium
+163 | [45.12.253.190](https://vuldb.com/?ip.45.12.253.190) | - | - | High
+164 | [45.15.143.148](https://vuldb.com/?ip.45.15.143.148) | - | - | High
+165 | [45.62.170.248](https://vuldb.com/?ip.45.62.170.248) | - | - | High
+166 | [45.66.151.212](https://vuldb.com/?ip.45.66.151.212) | - | - | High
+167 | [45.67.231.82](https://vuldb.com/?ip.45.67.231.82) | vm906070.stark-industries.solutions | - | High
+168 | [45.74.32.12](https://vuldb.com/?ip.45.74.32.12) | - | - | High
+169 | [45.81.39.21](https://vuldb.com/?ip.45.81.39.21) | - | - | High
+170 | [45.81.243.246](https://vuldb.com/?ip.45.81.243.246) | - | - | High
+171 | [45.82.84.10](https://vuldb.com/?ip.45.82.84.10) | 45.82.84.10.deltahost-ptr | - | High
+172 | [45.83.129.166](https://vuldb.com/?ip.45.83.129.166) | - | - | High
+173 | [45.87.61.104](https://vuldb.com/?ip.45.87.61.104) | - | - | High
+174 | [45.88.66.122](https://vuldb.com/?ip.45.88.66.122) | runningegg.xyz | - | High
+175 | [45.90.222.204](https://vuldb.com/?ip.45.90.222.204) | 45-90-222-204-hostedby.bcr.host | - | High
+176 | [45.95.168.62](https://vuldb.com/?ip.45.95.168.62) | maxko-hosting.com | - | High
+177 | [45.128.234.54](https://vuldb.com/?ip.45.128.234.54) | - | - | High
+178 | [45.133.1.34](https://vuldb.com/?ip.45.133.1.34) | - | - | High
+179 | [45.133.1.47](https://vuldb.com/?ip.45.133.1.47) | - | - | High
+180 | [45.133.1.72](https://vuldb.com/?ip.45.133.1.72) | - | - | High
+181 | [45.133.174.55](https://vuldb.com/?ip.45.133.174.55) | - | - | High
+182 | [45.133.174.77](https://vuldb.com/?ip.45.133.174.77) | - | - | High
+183 | [45.133.174.177](https://vuldb.com/?ip.45.133.174.177) | - | - | High
+184 | [45.133.174.187](https://vuldb.com/?ip.45.133.174.187) | - | - | High
+185 | [45.137.22.52](https://vuldb.com/?ip.45.137.22.52) | hosted-by.rootlayer.net | - | High
+186 | [45.137.22.77](https://vuldb.com/?ip.45.137.22.77) | mail.governorsperic.xyz | - | High
+187 | [45.137.22.101](https://vuldb.com/?ip.45.137.22.101) | hosted-by.rootlayer.net | - | High
+188 | [45.137.22.104](https://vuldb.com/?ip.45.137.22.104) | hosted-by.rootlayer.net | - | High
+189 | [45.137.22.107](https://vuldb.com/?ip.45.137.22.107) | hosted-by.rootlayer.net | - | High
+190 | [45.137.22.116](https://vuldb.com/?ip.45.137.22.116) | hosted-by.rootlayer.net | - | High
+191 | [45.137.22.236](https://vuldb.com/?ip.45.137.22.236) | hosted-by.rootlayer.net | - | High
+192 | [45.137.22.248](https://vuldb.com/?ip.45.137.22.248) | hosted-by.rootlayer.net | - | High
+193 | [45.137.116.253](https://vuldb.com/?ip.45.137.116.253) | rs-zap1025641-3.zap-srv.com | - | High
+194 | [45.137.118.105](https://vuldb.com/?ip.45.137.118.105) | - | - | High
+195 | [45.138.16.39](https://vuldb.com/?ip.45.138.16.39) | - | - | High
+196 | [45.138.172.94](https://vuldb.com/?ip.45.138.172.94) | - | - | High
+197 | [45.139.105.174](https://vuldb.com/?ip.45.139.105.174) | - | - | High
+198 | [45.141.152.68](https://vuldb.com/?ip.45.141.152.68) | 45-141-152-68.pool.ovpn.com | - | High
+199 | [45.144.225.112](https://vuldb.com/?ip.45.144.225.112) | - | - | High
+200 | [45.144.225.213](https://vuldb.com/?ip.45.144.225.213) | - | - | High
+201 | [45.144.225.221](https://vuldb.com/?ip.45.144.225.221) | - | - | High
+202 | [45.148.17.62](https://vuldb.com/?ip.45.148.17.62) | mail.spokel.se | - | High
+203 | [45.154.4.64](https://vuldb.com/?ip.45.154.4.64) | - | - | High
+204 | [45.155.165.117](https://vuldb.com/?ip.45.155.165.117) | - | - | High
+205 | [45.155.165.139](https://vuldb.com/?ip.45.155.165.139) | - | - | High
+206 | [45.155.165.160](https://vuldb.com/?ip.45.155.165.160) | - | - | High
+207 | [46.2.255.122](https://vuldb.com/?ip.46.2.255.122) | - | - | High
+208 | [46.8.211.72](https://vuldb.com/?ip.46.8.211.72) | - | - | High
+209 | [46.105.127.143](https://vuldb.com/?ip.46.105.127.143) | ns385442.ip-46-105-127.eu | - | High
+210 | [46.183.216.163](https://vuldb.com/?ip.46.183.216.163) | tagoe.lstartanalystconcepts.org.uk | - | High
+211 | [46.183.217.11](https://vuldb.com/?ip.46.183.217.11) | raimis.comanchor.com | - | High
+212 | [46.183.220.61](https://vuldb.com/?ip.46.183.220.61) | ip-220-61.dataclub.info | - | High
+213 | [46.183.220.67](https://vuldb.com/?ip.46.183.220.67) | ip-220-67.dataclub.info | - | High
+214 | [46.183.220.203](https://vuldb.com/?ip.46.183.220.203) | ip-220-203.dataclub.info | - | High
+215 | [46.183.223.57](https://vuldb.com/?ip.46.183.223.57) | ip-223-57.dataclub.info | - | High
+216 | [46.243.147.194](https://vuldb.com/?ip.46.243.147.194) | - | - | High
+217 | [46.243.239.36](https://vuldb.com/?ip.46.243.239.36) | - | - | High
+218 | [46.243.239.153](https://vuldb.com/?ip.46.243.239.153) | - | - | High
+219 | [46.243.249.150](https://vuldb.com/?ip.46.243.249.150) | - | - | High
+220 | [46.246.6.9](https://vuldb.com/?ip.46.246.6.9) | c-46-246-6-9.ip4.frootvpn.com | - | High
+221 | [46.246.80.68](https://vuldb.com/?ip.46.246.80.68) | c-46-246-80-68.ip4.frootvpn.com | - | High
+222 | [47.254.172.117](https://vuldb.com/?ip.47.254.172.117) | - | - | High
+223 | [50.16.234.229](https://vuldb.com/?ip.50.16.234.229) | ec2-50-16-234-229.compute-1.amazonaws.com | - | Medium
+224 | [50.63.202.36](https://vuldb.com/?ip.50.63.202.36) | ip-50-63-202-36.ip.secureserver.net | - | High
+225 | [51.15.229.127](https://vuldb.com/?ip.51.15.229.127) | 127-229-15-51.instances.scw.cloud | - | High
+226 | [51.75.209.242](https://vuldb.com/?ip.51.75.209.242) | ip242.ip-51-75-209.eu | - | High
+227 | [51.75.209.245](https://vuldb.com/?ip.51.75.209.245) | ip245.ip-51-75-209.eu | - | High
+228 | [51.81.193.203](https://vuldb.com/?ip.51.81.193.203) | ip203.ip-51-81-193.us | - | High
+229 | [51.91.236.193](https://vuldb.com/?ip.51.91.236.193) | cluster028.hosting.ovh.net | - | High
+230 | [51.103.16.165](https://vuldb.com/?ip.51.103.16.165) | - | - | High
+231 | [51.161.212.232](https://vuldb.com/?ip.51.161.212.232) | ip232.ip-51-161-212.net | - | High
+232 | [51.195.57.234](https://vuldb.com/?ip.51.195.57.234) | ip234.ip-51-195-57.eu | - | High
+233 | [51.210.137.26](https://vuldb.com/?ip.51.210.137.26) | ip26.ip-51-210-137.eu | - | High
+234 | ... | ... | ... | ...

-There are 891 more IOC items available. Please use our online service to access the data.
+There are 933 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -260,7 +270,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK

 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
-1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-36, CWE-37 | Pathname Traversal | High
+1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-27, CWE-36, CWE-37, CWE-50 | Pathname Traversal | High
 2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
@ -275,12 +285,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic

 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `/?ajax-request=jnews` | High
-2 | File | `/admin/delete_user.php` | High
-3 | File | `/admin/index2.html` | High
-4 | File | `/admin/products/manage_product.php` | High
-5 | File | `/admin/userprofile.php` | High
-6 | File | `/administrator/components/table_manager/` | High
+1 | File | `/admin/edit_subject.php` | High
+2 | File | `/admin/index2.html` | High
+3 | File | `/admin/products/manage_product.php` | High
+4 | File | `/admin/userprofile.php` | High
+5 | File | `/administrator/components/table_manager/` | High
+6 | File | `/api/login` | Medium
 7 | File | `/blog/blog.php` | High
 8 | File | `/BRS_netgear_success.html` | High
 9 | File | `/cgi-bin-sdb/ExportSettings.sh` | High
@ -290,40 +300,39 @@ ID | Type | Indicator | Confidence
 13 | File | `/databases/database/list` | High
 14 | File | `/dcim/rack-roles/` | High
 15 | File | `/E-mobile/App/System/File/downfile.php` | High
-16 | File | `/edoc/doctor/patient.php` | High
-17 | File | `/etc/sudoers` | Medium
-18 | File | `/ext/phar/phar_object.c` | High
-19 | File | `/forum/away.php` | High
-20 | File | `/goform/aspForm` | High
-21 | File | `/inc/topBarNav.php` | High
-22 | File | `/index.php?app=main&func=passport&action=login` | High
-23 | File | `/iwgallery/pictures/details.asp` | High
-24 | File | `/kelas/data` | Medium
-25 | File | `/kelasdosen/data` | High
-26 | File | `/librarian/bookdetails.php` | High
-27 | File | `/mcategory.php` | High
-28 | File | `/messageboard/view.php` | High
-29 | File | `/mhds/clinic/view_details.php` | High
-30 | File | `/MIME/INBOX-MM-1/` | High
-31 | File | `/movie.php` | Medium
-32 | File | `/osm/REGISTER.cmd` | High
-33 | File | `/out.php` | Medium
-34 | File | `/reservation/add_message.php` | High
-35 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
-36 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
-37 | File | `/rom-0` | Low
-38 | File | `/sbin/orthrus` | High
-39 | File | `/sbin/rtspd` | Medium
-40 | File | `/textpattern/index.php` | High
-41 | File | `/tmp` | Low
-42 | File | `/uncpath/` | Medium
-43 | File | `/usr/bin/at` | Medium
-44 | File | `/var/www/video/mp4ts` | High
-45 | File | `/wabt/bin/poc.wasm` | High
-46 | File | `/wp-admin/admin-ajax.php` | High
-47 | ... | ... | ...
+16 | File | `/ext/phar/phar_object.c` | High
+17 | File | `/forum/away.php` | High
+18 | File | `/goform/aspForm` | High
+19 | File | `/inc/topBarNav.php` | High
+20 | File | `/index.php?app=main&func=passport&action=login` | High
+21 | File | `/iwgallery/pictures/details.asp` | High
+22 | File | `/kelas/data` | Medium
+23 | File | `/kelasdosen/data` | High
+24 | File | `/librarian/bookdetails.php` | High
+25 | File | `/mcategory.php` | High
+26 | File | `/messageboard/view.php` | High
+27 | File | `/mhds/clinic/view_details.php` | High
+28 | File | `/MIME/INBOX-MM-1/` | High
+29 | File | `/movie.php` | Medium
+30 | File | `/osm/REGISTER.cmd` | High
+31 | File | `/out.php` | Medium
+32 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
+33 | File | `/sbin/orthrus` | High
+34 | File | `/sbin/rtspd` | Medium
+35 | File | `/send_order.cgi?parameter=restart` | High
+36 | File | `/textpattern/index.php` | High
+37 | File | `/tmp` | Low
+38 | File | `/uncpath/` | Medium
+39 | File | `/var/www/video/mp4ts` | High
+40 | File | `/view-pass-detail.php` | High
+41 | File | `/wp-admin/admin-ajax.php` | High
+42 | File | `123flashchat.php` | High
+43 | File | `404.php` | Low
+44 | File | `ActiveServices.java` | High
+45 | File | `adclick.php` | Medium
+46 | ... | ... | ...

-There are 404 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 396 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

@ -345,10 +354,12 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/0c0a9b0df586ceb12e6b76f86473a2bf2db7cb9d8101dc90217959e9d12d48b4/
 * https://bazaar.abuse.ch/sample/0ca246e6325bfa1bd4aa4f743a259d4c3553a316a44665a5a21d5d5132b893c0/
 * https://bazaar.abuse.ch/sample/0d0f9ca99e1de30499a97020eb01a4cda5744eadff4faf56a79f8080c515002c/
+* https://bazaar.abuse.ch/sample/0d771bed67134df3cfcbafe953d9378ca9a40ba93f05f726b9286638a08318e4/
 * https://bazaar.abuse.ch/sample/0d537286511634e32a07e7b3e21113b5f96205f4dfb5cf99b4ca139e1af9a5a8/
 * https://bazaar.abuse.ch/sample/0ef3738b3a12244f1d7f008f729234c3ebf09060a991d156500cdfda696958ed/
 * https://bazaar.abuse.ch/sample/0f27e5f647e28a535aa0ab9dde5c707150431f10c62d12f1e192ea02d698b3e4/
 * https://bazaar.abuse.ch/sample/0f94dbc5795808376e1f58af647fe522762836503be7c601a76a59b538f8e9f1/
+* https://bazaar.abuse.ch/sample/0f611b87697a816d5b37f745fa94c89315327ba3458c190fe41efd891ccd5196/
 * https://bazaar.abuse.ch/sample/0fe89951109e6ef6331f9c96ee018493fdfc88e063a8a42e0ec369c9514c95d6/
 * https://bazaar.abuse.ch/sample/0005221f680e052526e38e898d16b9bc7c943c7525684215374e0798835d021d/
 * https://bazaar.abuse.ch/sample/01b1f2041aaba6815657a7a7409a0843868459fa3cabf0c377a83862ac88a27f/
@ -359,6 +370,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/0263f401d5624ac940224924776925bf38008ebdda2ea5135e66db9c3e5758ad/
 * https://bazaar.abuse.ch/sample/03541b2cf3bf022eda584b9ead6b6edeb7a47e8ccaa99b2415ee56694c9868cb/
 * https://bazaar.abuse.ch/sample/039336033932a8d182cf4f3d4fa93a738d2b1a2ccd9c6bdcb961c0cfad8d7aba/
+* https://bazaar.abuse.ch/sample/0457877267dc59b12e52c15a7167ab493eb2a25cfb5daefb6c008144e9da5f43/
 * https://bazaar.abuse.ch/sample/051552af5a1c92a6fbe46493e399e441727e9d65dbdf5e702210f218c256a305/
 * https://bazaar.abuse.ch/sample/0621145f12965ae3092c5cf0114eb7948b342d3273bb53b75faecaad02d987fb/
 * https://bazaar.abuse.ch/sample/08c829e7056b8e022539076acbc962dea072e6506184d4036b785cb0e4592371/
@ -384,6 +396,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/3a573796b5e6f1cc3a92eef7e268fa4e74aeddf34f5dd62f7b02109fe560ecd2/
 * https://bazaar.abuse.ch/sample/3bf1e10ec328ccd9d99e88e2767686851c501426c946ba4e86248d409e880b35/
 * https://bazaar.abuse.ch/sample/3bf702bc7bf2ff4c9688b572fbf657112d7c6e6adc76f1ca2ff8247a6e304497/
+* https://bazaar.abuse.ch/sample/3c2b603e5f2c4bf67f3e240cff2daa7ffca9703ce808e9893f446963ff72eb1e/
 * https://bazaar.abuse.ch/sample/3ce969a94f4bc8dec526e3551626d7e3639bae986304deba85e8f29f039fe345/
 * https://bazaar.abuse.ch/sample/3d4ffcd1cd594f452ad1c374933eea8dd36d21a6d01372cc7f1afc636d26fa72/
 * https://bazaar.abuse.ch/sample/3e95a3d6fa66dde612e6c43e15acd6e7b825ddb520ea562ad8f256190f2d21b8/
@ -434,6 +447,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/8b634e4b3e83df2eca465217d91ae46505587a6392171790883c619f8c599f05/
 * https://bazaar.abuse.ch/sample/8c10d08c8a744ec9d6380e1482ceaa6fa3108dbe176405d31a351b0852bf3435/
 * https://bazaar.abuse.ch/sample/8c40b3231173a6f2ced3ae964beb7b38c87b683c396fd6c67899eaae9ad73f4c/
+* https://bazaar.abuse.ch/sample/8c80ec1c91dcd77ea0be5d0e53e289a6bc0ed764a12f9262ba979f579bb25591/
 * https://bazaar.abuse.ch/sample/8e5008a722fca288f7d181187530843867073db7d7d15c4681669608bf41dbfe/
 * https://bazaar.abuse.ch/sample/8ed64df164d8b7875da48a0cfb46b23e1eca448efd5d8b142c0c94e2ece367fe/
 * https://bazaar.abuse.ch/sample/9abc6ddcc2996af46ee685ba210218589355a295a78eda3a7b5cc353c84f41dd/
@ -443,8 +457,10 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/9d524a914beb136ee8fdb96a99e046babcb3494c9f52b9f5ed5bf0c057beeb84/
 * https://bazaar.abuse.ch/sample/9d6522fa46c7e1a5ce5020bf380198b6356c3d70f298a7f03e0394d8bfd632fd/
 * https://bazaar.abuse.ch/sample/9e04041dd5e56b2a13ff2128934b2c2e1f9d0c37bb0b96132c658d30d66a83d9/
+* https://bazaar.abuse.ch/sample/9ec972333e8ee5a045f432e0d9829a85b10361f717c57482c322d7077e237b3d/
 * https://bazaar.abuse.ch/sample/9ef247402ff781f7f8c5f01d6e611d2e2350e2a421530e1774d3cc4050637540/
 * https://bazaar.abuse.ch/sample/11c95b5581d535f6231f157c2c33237ce4abbb8ad64e733d74e2c36ae90bc13a/
+* https://bazaar.abuse.ch/sample/16bb974c71635d85ce58284f8e17291ac46bf7c2972e3235fcf60c1a1c0ed681/
 * https://bazaar.abuse.ch/sample/17bb1028f9d0ed56ea18c4c3ebde034d105532bc191f9214e1f5971a747f6447/
 * https://bazaar.abuse.ch/sample/18f8c880b862e8ee63d989445d174cd01a66921845ebf094035e677246bd84c8/
 * https://bazaar.abuse.ch/sample/18f51c19c22914e634d9cfcd86018e676e91d1c4a9293c247a3c9da84dce3f60/
@ -464,6 +480,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/43e1f1635e1cca717e2d9598e708ded20f6e9236f68ab9d3a28b83e49c71fd32/
 * https://bazaar.abuse.ch/sample/45b0d876c0cd4f0d9f397f8a4029d71e55b4d13813ccea024dc492d2ae868214/
 * https://bazaar.abuse.ch/sample/45f3e6d6f40de19bca584dfafdfac7a3f5fb9b481717a0997d9f9c2d78d58fad/
+* https://bazaar.abuse.ch/sample/46f34cde2327b419337554aba74d7b380c82d8cfb761cb538d44b1c3e2447430/
 * https://bazaar.abuse.ch/sample/47fb3f47c7d8d30d6bc605805e10fa9c60af5c0516b93e475c030da9144a715d/
 * https://bazaar.abuse.ch/sample/55f447e7b379e9332e0a455094ae5b45385f5ac2c2c1cc7234faa198f088e7c5/
 * https://bazaar.abuse.ch/sample/56c0cea73bf798f06be6c3cd0c834c0c7446a65e26be683ca66ec0347818fb15/
@ -480,6 +497,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/66bb1d3c8d8183b438da1c02e02428d069b37a078f62eded9eed110d9b9a427a/
 * https://bazaar.abuse.ch/sample/73f87dc14d15addd846f2073187ac64be665ce79f618fff31c981ac95a51d288/
 * https://bazaar.abuse.ch/sample/73f93753808172cbab4fbca1e6d8beb8426cf57d1ff000973864d79db32f1054/
+* https://bazaar.abuse.ch/sample/74c7371f4ee7b52bb7c9c79610027e6e927e3bfca8ef841407e1610f72f11aa2/
 * https://bazaar.abuse.ch/sample/76bf90f97131f4b187fbdfce5a1f02224e30a752782cbcd7f9a5d90a043de128/
 * https://bazaar.abuse.ch/sample/77a473ec97a05675a95eda5114ca1e90fd09ccc75941aa6ecd26d2159312688b/
 * https://bazaar.abuse.ch/sample/79fd22e1bb6fa5e88488288e2472fc4323948ae21b5ea4ad0a9692b0ebb8b835/
@ -544,6 +562,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/69506d94e34defa3a35ad549bcb235b2001579de3910a80565b114ea6db7f6d4/
 * https://bazaar.abuse.ch/sample/74615bedcd52ff089b0ed9dede11c46cd27de39b0b52c309ad71175e79e53868/
 * https://bazaar.abuse.ch/sample/76518f1a30196708a3e2e9bfa561adc3abb2b942058325c453add5f5e7a39304/
+* https://bazaar.abuse.ch/sample/88487a1a199fd2edca3ed2c60997116aa4ce1f63f2fba7b68be0ad9b96ca88be/
 * https://bazaar.abuse.ch/sample/89557a031bb8f7131e9768921c7fb68ccde4fba3836fd4dba94ceea08ca9bb39/
 * https://bazaar.abuse.ch/sample/236295fb5aef2564336196bce9faa74a2887ce6b5a7c28fe2709700d0abd0a42/
 * https://bazaar.abuse.ch/sample/596479cd77e25e5d6dbf0b421afff049390813cc254ae90f86af00a10bdf6f90/
@ -556,6 +575,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/6454523a7bb0aec9d2c66c43447ea65bfe8cff6659b4b4fea26d8919571de430/
 * https://bazaar.abuse.ch/sample/41231403c901ea25abd1132ec834bc3dc5904c29c5afa8ad3f55c019e68059d8/
 * https://bazaar.abuse.ch/sample/56795470a3bd1762459af050088e74f3a693ba31980aa545f7a0bca1024f457c/
+* https://bazaar.abuse.ch/sample/202577211d7d1710869244007ccb21c8fdf3140c3445481ca6e839da82fef962/
 * https://bazaar.abuse.ch/sample/6534823922c1889047e2edc0aab14482758d7dbdd296941403ae7657cb248e05/
 * https://bazaar.abuse.ch/sample/38455251726a64db957d8e30e6c1dc1ca2b10c35691dadbcf3bf8172babe94e3/
 * https://bazaar.abuse.ch/sample/a0bb5a244b144a8e10087fd70a04580c3bb8c4c8add7da671a06f10020473004/
@ -574,12 +594,15 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/a82398e3798998a98573b4255a7e2c5a6db73ffd724dbc463e293026815f206e/
 * https://bazaar.abuse.ch/sample/a317273e6fa660452328fb81cfadc412986c383355c4725090f359305ed3903a/
 * https://bazaar.abuse.ch/sample/a6897640eab3e69312d27fafdc793508125ae4117d102cc0f29f74699bb28c3e/
+* https://bazaar.abuse.ch/sample/a5568136305ea90dcc7d03b44a8797a2c3355ea741d509ee8a62a339159c8e73/
 * https://bazaar.abuse.ch/sample/aa2caafd9a1d53df2112c9081fb5686e04283be0da13d94bacdfc8c9addf0c34/
+* https://bazaar.abuse.ch/sample/aa6646da5d47bbfffce88075205a5e6c1af6107a9dae7dec98b14e7c3d022219/
 * https://bazaar.abuse.ch/sample/ad9af80e85ce89d8ea05b7094f9f956e5afd7aa08ad49c048fe79c240a8b15a8/
 * https://bazaar.abuse.ch/sample/aecb74252f3ae4e3d912c1983de70c06ac29c69b287b31e45d29fbee0ccb5772/
 * https://bazaar.abuse.ch/sample/af0954828fe65381b0f1adb7ac6f852b776a622a8ec3d422b5d721e8e29de1b7/
 * https://bazaar.abuse.ch/sample/b1b0fa6f46557e5804b683bc76db76dd71246753726ce7645ab3804ec1d68a44/
 * https://bazaar.abuse.ch/sample/b1f4aa9a46b55d5ade9fd65f2afb175c39be592dc5907611b9db5f86a65d91a1/
+* https://bazaar.abuse.ch/sample/b5a72e2705d54b0c562e3e68bed8d3652570666182a236b491f724200d3e38db/
 * https://bazaar.abuse.ch/sample/b8fae7f95981a7ef822808a3421cb6b779d993cb7b24b2bcfd5ce5b0665169ea/
 * https://bazaar.abuse.ch/sample/b9e467b94e968b2fb26ae2384d400eb37afd49b857644a754918d2d412eb74cc/
 * https://bazaar.abuse.ch/sample/b61f6b794f38f736e90ae8aa04e5f71acc8d5470c08ef8841c16087b6710a388/
@ -588,6 +611,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/b76e862dccd0da9b40dccf294bef402dc7a34185449bf55b022eb79dc8ce6e23/
 * https://bazaar.abuse.ch/sample/b84d775cf5de9234ec178e4a94c5c459f0c6e8ad3bffc977ba20b116b4d9d88e/
 * https://bazaar.abuse.ch/sample/b95ffbf8be23388df6b0d5c48cecdb091b6bbe2e00e002b8bac2cbfb7402d387/
+* https://bazaar.abuse.ch/sample/b2397a2aaec3b27ba8d1fa6747dcf9504e8ee7081bf3edea5e382db804656cae/
 * https://bazaar.abuse.ch/sample/b8908a0b052b5b590fa61f9c1014a80fe328f38c25b7a89f012c8312516d5aee/
 * https://bazaar.abuse.ch/sample/b391377f05186b4da5b4a52f02f25bffc5f76615e93ad600f86a6300a17e3879/
 * https://bazaar.abuse.ch/sample/b732982c4bcbf62d6fbab3b1e1ddd3764a8f99a17d1e8f679632f891b65c03ce/
@ -605,6 +629,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/bfe422f569af77aa4f5b1b9f1e85f6c89b7ca62540c368d5e5b152f68154a478/
 * https://bazaar.abuse.ch/sample/c0a5183fb178f4734580069f8697419dd8883a88bf69e57a2edb109d15d5cc9d/
 * https://bazaar.abuse.ch/sample/c046fc938166fd34c8041ff7c93f98f0ac3f68486aa844178e720c14dbbde625/
+* https://bazaar.abuse.ch/sample/c1a82c6f221c8285b77caf7af892cb54cb62970ad9952d8bd715ec12fb4e2d8e/
 * https://bazaar.abuse.ch/sample/c4ec288c3ae80a59a799b95facdccf7a1678f8d4d354d2c07019f078c2d90988/
 * https://bazaar.abuse.ch/sample/c6d5c5389f6a7d7fadca1c538b5408898454aaf5011910e90549e81fb03c0a1c/
 * https://bazaar.abuse.ch/sample/c7a99feac21b0b8954a435f3ffa5e816dc3ea0342ec0899357cf352732a5fa57/
@ -647,6 +672,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/e7f1796834e6d4938ee55b5396069d12d9fce56e5c885d6d1f72a8451add0806/
 * https://bazaar.abuse.ch/sample/e303ae23d963f2247b113f3a228b2b5421bd9dd563a286db2bd88c4e94d2b1e1/
 * https://bazaar.abuse.ch/sample/e3344c82354520a10c7f3e9833f07d340855193cb8d71647ee5315434db969e8/
+* https://bazaar.abuse.ch/sample/ea7e6b5688313cb532684ecc61a1438a40bbd32a0eb1ee7b1810086cb705aa09/
 * https://bazaar.abuse.ch/sample/ea209f6ba95920038ac83985be8bcffc1fda49631ed3142cfdd9f2acd52584b1/
 * https://bazaar.abuse.ch/sample/eb230cdf91b308f560ec54d1d84ea90b4d6637be9d747d884892c97d9af58825/
 * https://bazaar.abuse.ch/sample/ebe0b8890392475537625aeefaec22b5f0115011e135117d7afd9325eb47fad8/
@ -659,6 +685,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/edd76f4398cd937c508d229a8482add54c2ec8efe84a6881af90bbd40d8b8601/
 * https://bazaar.abuse.ch/sample/ee3e1ff02ef8c163c2472764b0f380528809ab305de242bd049c0f99c8ffdddd/
 * https://bazaar.abuse.ch/sample/ee7f3f56d2d8f4af4cb4d130578c31e47bf88a2a7a366ac8b9234001ccecf0f7/
+* https://bazaar.abuse.ch/sample/ee548086db277e0febd2797b582a734ac451a9cd050540d2a1fd08afa6232721/
 * https://bazaar.abuse.ch/sample/ef25d7d0ecfdebce118e6c9357ea63f0da9089f74d39805d22514743dfc76cb8/
 * https://bazaar.abuse.ch/sample/efe38e24a3e9e5e0b6728cd3c25e36b51dee90ec0587b908a03335cf0f6757cb/
 * https://bazaar.abuse.ch/sample/f0a04b49bc377c4af90de446c13ab304b2ec2265343bae49ae1fa23a029cd86d/
@ -681,6 +708,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/f540cc413a46d1c64542c9935d831de6e9908c1bd86e490ed66d47afb8f742f8/
 * https://bazaar.abuse.ch/sample/f92693be20b760d1f24228bf91056368c06f33faeaf8fad6517115036d1f37c6/
 * https://bazaar.abuse.ch/sample/f642554d96d59ef2acca7fd25683ccdc228eff38d38af5eef93f62c49cd60dd2/
+* https://bazaar.abuse.ch/sample/f814529a6f2e2a29f76d24db2fa858674a3088d6593b0cf4bf75eef4eb4dfe03/
 * https://bazaar.abuse.ch/sample/f198970271e10830bafa86eccc5ce43e5075a15ed43f4e1924d0e8e0824f218b/
 * https://bazaar.abuse.ch/sample/f5231414600e6239f0928f88a018e349d0856aa14b133905ab8fa05b6288d225/
 * https://bazaar.abuse.ch/sample/fb96ca5c0b97a8832fdcac5ec79c03255b29e602c30575bca2f2a054cb3d4397/
@ -827,6 +855,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://twitter.com/phage_nz/status/1404992038030897163
 * https://twitter.com/Racco42/status/1612697711475572738
 * https://twitter.com/reecdeep/status/1655565717347893254
+* https://www.fortinet.com/blog/threat-research/new-variant-of-remcos-rat-observed-in-the-wild.html
 * https://www.joesandbox.com/analysis/604253/0/html

 ## Literature
--- a/actors/Responder/README.md
+++ b/actors/Responder/README.md
@ -25,61 +25,64 @@ ID | IP address | Hostname | Campaign | Confidence
 2 | [3.12.70.100](https://vuldb.com/?ip.3.12.70.100) | ec2-3-12-70-100.us-east-2.compute.amazonaws.com | - | Medium
 3 | [3.12.113.100](https://vuldb.com/?ip.3.12.113.100) | ec2-3-12-113-100.us-east-2.compute.amazonaws.com | - | Medium
 4 | [3.19.132.170](https://vuldb.com/?ip.3.19.132.170) | ec2-3-19-132-170.us-east-2.compute.amazonaws.com | - | Medium
-5 | [3.21.214.24](https://vuldb.com/?ip.3.21.214.24) | ec2-3-21-214-24.us-east-2.compute.amazonaws.com | - | Medium
-6 | [3.65.94.188](https://vuldb.com/?ip.3.65.94.188) | ec2-3-65-94-188.eu-central-1.compute.amazonaws.com | - | Medium
-7 | [3.121.141.12](https://vuldb.com/?ip.3.121.141.12) | ec2-3-121-141-12.eu-central-1.compute.amazonaws.com | - | Medium
-8 | [3.128.165.237](https://vuldb.com/?ip.3.128.165.237) | ec2-3-128-165-237.us-east-2.compute.amazonaws.com | - | Medium
-9 | [3.131.227.105](https://vuldb.com/?ip.3.131.227.105) | ec2-3-131-227-105.us-east-2.compute.amazonaws.com | - | Medium
-10 | [3.132.230.8](https://vuldb.com/?ip.3.132.230.8) | ec2-3-132-230-8.us-east-2.compute.amazonaws.com | - | Medium
-11 | [3.134.198.51](https://vuldb.com/?ip.3.134.198.51) | ec2-3-134-198-51.us-east-2.compute.amazonaws.com | - | Medium
-12 | [3.138.120.116](https://vuldb.com/?ip.3.138.120.116) | ec2-3-138-120-116.us-east-2.compute.amazonaws.com | - | Medium
-13 | [3.140.197.153](https://vuldb.com/?ip.3.140.197.153) | ec2-3-140-197-153.us-east-2.compute.amazonaws.com | - | Medium
-14 | [3.141.110.210](https://vuldb.com/?ip.3.141.110.210) | ec2-3-141-110-210.us-east-2.compute.amazonaws.com | - | Medium
-15 | [3.144.4.92](https://vuldb.com/?ip.3.144.4.92) | ec2-3-144-4-92.us-east-2.compute.amazonaws.com | - | Medium
-16 | [3.218.78.81](https://vuldb.com/?ip.3.218.78.81) | ec2-3-218-78-81.compute-1.amazonaws.com | - | Medium
-17 | [3.249.18.59](https://vuldb.com/?ip.3.249.18.59) | ec2-3-249-18-59.eu-west-1.compute.amazonaws.com | - | Medium
-18 | [3.249.151.135](https://vuldb.com/?ip.3.249.151.135) | ec2-3-249-151-135.eu-west-1.compute.amazonaws.com | - | Medium
-19 | [3.249.161.113](https://vuldb.com/?ip.3.249.161.113) | ec2-3-249-161-113.eu-west-1.compute.amazonaws.com | - | Medium
-20 | [3.249.212.201](https://vuldb.com/?ip.3.249.212.201) | ec2-3-249-212-201.eu-west-1.compute.amazonaws.com | - | Medium
-21 | [3.250.59.127](https://vuldb.com/?ip.3.250.59.127) | ec2-3-250-59-127.eu-west-1.compute.amazonaws.com | - | Medium
-22 | [3.252.219.5](https://vuldb.com/?ip.3.252.219.5) | ec2-3-252-219-5.eu-west-1.compute.amazonaws.com | - | Medium
-23 | [3.253.101.91](https://vuldb.com/?ip.3.253.101.91) | ec2-3-253-101-91.eu-west-1.compute.amazonaws.com | - | Medium
-24 | [3.253.111.92](https://vuldb.com/?ip.3.253.111.92) | ec2-3-253-111-92.eu-west-1.compute.amazonaws.com | - | Medium
-25 | [5.45.118.168](https://vuldb.com/?ip.5.45.118.168) | testsuite | - | High
-26 | [8.219.195.188](https://vuldb.com/?ip.8.219.195.188) | - | - | High
-27 | [12.181.65.210](https://vuldb.com/?ip.12.181.65.210) | - | - | High
-28 | [13.37.231.184](https://vuldb.com/?ip.13.37.231.184) | ec2-13-37-231-184.eu-west-3.compute.amazonaws.com | - | Medium
-29 | [13.50.105.97](https://vuldb.com/?ip.13.50.105.97) | ec2-13-50-105-97.eu-north-1.compute.amazonaws.com | - | Medium
-30 | [13.58.85.225](https://vuldb.com/?ip.13.58.85.225) | ec2-13-58-85-225.us-east-2.compute.amazonaws.com | - | Medium
-31 | [13.59.98.191](https://vuldb.com/?ip.13.59.98.191) | ec2-13-59-98-191.us-east-2.compute.amazonaws.com | - | Medium
-32 | [13.87.92.152](https://vuldb.com/?ip.13.87.92.152) | - | - | High
-33 | [15.184.211.28](https://vuldb.com/?ip.15.184.211.28) | ec2-15-184-211-28.me-south-1.compute.amazonaws.com | - | Medium
-34 | [15.222.6.75](https://vuldb.com/?ip.15.222.6.75) | ec2-15-222-6-75.ca-central-1.compute.amazonaws.com | - | Medium
-35 | [18.117.104.228](https://vuldb.com/?ip.18.117.104.228) | ec2-18-117-104-228.us-east-2.compute.amazonaws.com | - | Medium
-36 | [18.118.140.42](https://vuldb.com/?ip.18.118.140.42) | ec2-18-118-140-42.us-east-2.compute.amazonaws.com | - | Medium
-37 | [18.119.78.203](https://vuldb.com/?ip.18.119.78.203) | ec2-18-119-78-203.us-east-2.compute.amazonaws.com | - | Medium
-38 | [18.133.125.105](https://vuldb.com/?ip.18.133.125.105) | ec2-18-133-125-105.eu-west-2.compute.amazonaws.com | - | Medium
-39 | [18.143.148.26](https://vuldb.com/?ip.18.143.148.26) | ec2-18-143-148-26.ap-southeast-1.compute.amazonaws.com | - | Medium
-40 | [18.188.0.172](https://vuldb.com/?ip.18.188.0.172) | ec2-18-188-0-172.us-east-2.compute.amazonaws.com | - | Medium
-41 | [18.188.231.17](https://vuldb.com/?ip.18.188.231.17) | ec2-18-188-231-17.us-east-2.compute.amazonaws.com | - | Medium
-42 | [18.189.1.24](https://vuldb.com/?ip.18.189.1.24) | ec2-18-189-1-24.us-east-2.compute.amazonaws.com | - | Medium
-43 | [18.189.124.58](https://vuldb.com/?ip.18.189.124.58) | ec2-18-189-124-58.us-east-2.compute.amazonaws.com | - | Medium
-44 | [18.190.119.137](https://vuldb.com/?ip.18.190.119.137) | ec2-18-190-119-137.us-east-2.compute.amazonaws.com | - | Medium
-45 | [18.196.231.230](https://vuldb.com/?ip.18.196.231.230) | ec2-18-196-231-230.eu-central-1.compute.amazonaws.com | - | Medium
-46 | [18.202.28.86](https://vuldb.com/?ip.18.202.28.86) | ec2-18-202-28-86.eu-west-1.compute.amazonaws.com | - | Medium
-47 | [18.204.142.71](https://vuldb.com/?ip.18.204.142.71) | egress.relaysecure.com | - | High
-48 | [18.208.213.147](https://vuldb.com/?ip.18.208.213.147) | ec2-18-208-213-147.compute-1.amazonaws.com | - | Medium
-49 | [18.218.44.20](https://vuldb.com/?ip.18.218.44.20) | ec2-18-218-44-20.us-east-2.compute.amazonaws.com | - | Medium
-50 | [18.220.53.56](https://vuldb.com/?ip.18.220.53.56) | ec2-18-220-53-56.us-east-2.compute.amazonaws.com | - | Medium
-51 | [18.221.160.80](https://vuldb.com/?ip.18.221.160.80) | ec2-18-221-160-80.us-east-2.compute.amazonaws.com | - | Medium
-52 | [18.222.81.233](https://vuldb.com/?ip.18.222.81.233) | ec2-18-222-81-233.us-east-2.compute.amazonaws.com | - | Medium
-53 | [18.222.116.178](https://vuldb.com/?ip.18.222.116.178) | ec2-18-222-116-178.us-east-2.compute.amazonaws.com | - | Medium
-54 | [20.13.154.2](https://vuldb.com/?ip.20.13.154.2) | - | - | High
-55 | [20.14.18.67](https://vuldb.com/?ip.20.14.18.67) | - | - | High
-56 | [20.49.161.22](https://vuldb.com/?ip.20.49.161.22) | - | - | High
-57 | ... | ... | ... | ...
+5 | [3.20.119.241](https://vuldb.com/?ip.3.20.119.241) | ec2-3-20-119-241.us-east-2.compute.amazonaws.com | - | Medium
+6 | [3.21.214.24](https://vuldb.com/?ip.3.21.214.24) | ec2-3-21-214-24.us-east-2.compute.amazonaws.com | - | Medium
+7 | [3.65.94.188](https://vuldb.com/?ip.3.65.94.188) | ec2-3-65-94-188.eu-central-1.compute.amazonaws.com | - | Medium
+8 | [3.121.141.12](https://vuldb.com/?ip.3.121.141.12) | ec2-3-121-141-12.eu-central-1.compute.amazonaws.com | - | Medium
+9 | [3.128.165.237](https://vuldb.com/?ip.3.128.165.237) | ec2-3-128-165-237.us-east-2.compute.amazonaws.com | - | Medium
+10 | [3.131.227.105](https://vuldb.com/?ip.3.131.227.105) | ec2-3-131-227-105.us-east-2.compute.amazonaws.com | - | Medium
+11 | [3.132.230.8](https://vuldb.com/?ip.3.132.230.8) | ec2-3-132-230-8.us-east-2.compute.amazonaws.com | - | Medium
+12 | [3.133.158.78](https://vuldb.com/?ip.3.133.158.78) | ec2-3-133-158-78.us-east-2.compute.amazonaws.com | - | Medium
+13 | [3.134.198.51](https://vuldb.com/?ip.3.134.198.51) | ec2-3-134-198-51.us-east-2.compute.amazonaws.com | - | Medium
+14 | [3.138.120.116](https://vuldb.com/?ip.3.138.120.116) | ec2-3-138-120-116.us-east-2.compute.amazonaws.com | - | Medium
+15 | [3.140.197.153](https://vuldb.com/?ip.3.140.197.153) | ec2-3-140-197-153.us-east-2.compute.amazonaws.com | - | Medium
+16 | [3.141.110.210](https://vuldb.com/?ip.3.141.110.210) | ec2-3-141-110-210.us-east-2.compute.amazonaws.com | - | Medium
+17 | [3.144.4.92](https://vuldb.com/?ip.3.144.4.92) | ec2-3-144-4-92.us-east-2.compute.amazonaws.com | - | Medium
+18 | [3.218.78.81](https://vuldb.com/?ip.3.218.78.81) | ec2-3-218-78-81.compute-1.amazonaws.com | - | Medium
+19 | [3.249.18.59](https://vuldb.com/?ip.3.249.18.59) | ec2-3-249-18-59.eu-west-1.compute.amazonaws.com | - | Medium
+20 | [3.249.151.135](https://vuldb.com/?ip.3.249.151.135) | ec2-3-249-151-135.eu-west-1.compute.amazonaws.com | - | Medium
+21 | [3.249.161.113](https://vuldb.com/?ip.3.249.161.113) | ec2-3-249-161-113.eu-west-1.compute.amazonaws.com | - | Medium
+22 | [3.249.212.201](https://vuldb.com/?ip.3.249.212.201) | ec2-3-249-212-201.eu-west-1.compute.amazonaws.com | - | Medium
+23 | [3.250.59.127](https://vuldb.com/?ip.3.250.59.127) | ec2-3-250-59-127.eu-west-1.compute.amazonaws.com | - | Medium
+24 | [3.252.219.5](https://vuldb.com/?ip.3.252.219.5) | ec2-3-252-219-5.eu-west-1.compute.amazonaws.com | - | Medium
+25 | [3.253.101.91](https://vuldb.com/?ip.3.253.101.91) | ec2-3-253-101-91.eu-west-1.compute.amazonaws.com | - | Medium
+26 | [3.253.111.92](https://vuldb.com/?ip.3.253.111.92) | ec2-3-253-111-92.eu-west-1.compute.amazonaws.com | - | Medium
+27 | [5.45.118.168](https://vuldb.com/?ip.5.45.118.168) | testsuite | - | High
+28 | [5.78.75.82](https://vuldb.com/?ip.5.78.75.82) | static.82.75.78.5.clients.your-server.de | - | High
+29 | [8.219.195.188](https://vuldb.com/?ip.8.219.195.188) | - | - | High
+30 | [12.181.65.210](https://vuldb.com/?ip.12.181.65.210) | - | - | High
+31 | [13.37.231.184](https://vuldb.com/?ip.13.37.231.184) | ec2-13-37-231-184.eu-west-3.compute.amazonaws.com | - | Medium
+32 | [13.50.105.97](https://vuldb.com/?ip.13.50.105.97) | ec2-13-50-105-97.eu-north-1.compute.amazonaws.com | - | Medium
+33 | [13.58.85.225](https://vuldb.com/?ip.13.58.85.225) | ec2-13-58-85-225.us-east-2.compute.amazonaws.com | - | Medium
+34 | [13.59.98.191](https://vuldb.com/?ip.13.59.98.191) | ec2-13-59-98-191.us-east-2.compute.amazonaws.com | - | Medium
+35 | [13.59.198.138](https://vuldb.com/?ip.13.59.198.138) | ec2-13-59-198-138.us-east-2.compute.amazonaws.com | - | Medium
+36 | [13.87.92.152](https://vuldb.com/?ip.13.87.92.152) | - | - | High
+37 | [15.184.211.28](https://vuldb.com/?ip.15.184.211.28) | ec2-15-184-211-28.me-south-1.compute.amazonaws.com | - | Medium
+38 | [15.222.6.75](https://vuldb.com/?ip.15.222.6.75) | ec2-15-222-6-75.ca-central-1.compute.amazonaws.com | - | Medium
+39 | [18.117.104.228](https://vuldb.com/?ip.18.117.104.228) | ec2-18-117-104-228.us-east-2.compute.amazonaws.com | - | Medium
+40 | [18.118.140.42](https://vuldb.com/?ip.18.118.140.42) | ec2-18-118-140-42.us-east-2.compute.amazonaws.com | - | Medium
+41 | [18.119.78.203](https://vuldb.com/?ip.18.119.78.203) | ec2-18-119-78-203.us-east-2.compute.amazonaws.com | - | Medium
+42 | [18.133.125.105](https://vuldb.com/?ip.18.133.125.105) | ec2-18-133-125-105.eu-west-2.compute.amazonaws.com | - | Medium
+43 | [18.143.148.26](https://vuldb.com/?ip.18.143.148.26) | ec2-18-143-148-26.ap-southeast-1.compute.amazonaws.com | - | Medium
+44 | [18.188.0.172](https://vuldb.com/?ip.18.188.0.172) | ec2-18-188-0-172.us-east-2.compute.amazonaws.com | - | Medium
+45 | [18.188.231.17](https://vuldb.com/?ip.18.188.231.17) | ec2-18-188-231-17.us-east-2.compute.amazonaws.com | - | Medium
+46 | [18.189.1.24](https://vuldb.com/?ip.18.189.1.24) | ec2-18-189-1-24.us-east-2.compute.amazonaws.com | - | Medium
+47 | [18.189.124.58](https://vuldb.com/?ip.18.189.124.58) | ec2-18-189-124-58.us-east-2.compute.amazonaws.com | - | Medium
+48 | [18.190.119.137](https://vuldb.com/?ip.18.190.119.137) | ec2-18-190-119-137.us-east-2.compute.amazonaws.com | - | Medium
+49 | [18.196.231.230](https://vuldb.com/?ip.18.196.231.230) | ec2-18-196-231-230.eu-central-1.compute.amazonaws.com | - | Medium
+50 | [18.202.28.86](https://vuldb.com/?ip.18.202.28.86) | ec2-18-202-28-86.eu-west-1.compute.amazonaws.com | - | Medium
+51 | [18.204.142.71](https://vuldb.com/?ip.18.204.142.71) | egress.relaysecure.com | - | High
+52 | [18.208.213.147](https://vuldb.com/?ip.18.208.213.147) | ec2-18-208-213-147.compute-1.amazonaws.com | - | Medium
+53 | [18.217.73.143](https://vuldb.com/?ip.18.217.73.143) | ec2-18-217-73-143.us-east-2.compute.amazonaws.com | - | Medium
+54 | [18.218.44.20](https://vuldb.com/?ip.18.218.44.20) | ec2-18-218-44-20.us-east-2.compute.amazonaws.com | - | Medium
+55 | [18.220.53.56](https://vuldb.com/?ip.18.220.53.56) | ec2-18-220-53-56.us-east-2.compute.amazonaws.com | - | Medium
+56 | [18.221.160.80](https://vuldb.com/?ip.18.221.160.80) | ec2-18-221-160-80.us-east-2.compute.amazonaws.com | - | Medium
+57 | [18.222.81.233](https://vuldb.com/?ip.18.222.81.233) | ec2-18-222-81-233.us-east-2.compute.amazonaws.com | - | Medium
+58 | [18.222.116.178](https://vuldb.com/?ip.18.222.116.178) | ec2-18-222-116-178.us-east-2.compute.amazonaws.com | - | Medium
+59 | [20.13.154.2](https://vuldb.com/?ip.20.13.154.2) | - | - | High
+60 | ... | ... | ... | ...

-There are 223 more IOC items available. Please use our online service to access the data.
+There are 234 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -115,12 +118,14 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/3.12.70.100
 * https://search.censys.io/hosts/3.12.113.100
 * https://search.censys.io/hosts/3.19.132.170
+* https://search.censys.io/hosts/3.20.119.241
 * https://search.censys.io/hosts/3.21.214.24
 * https://search.censys.io/hosts/3.65.94.188
 * https://search.censys.io/hosts/3.121.141.12
 * https://search.censys.io/hosts/3.128.165.237
 * https://search.censys.io/hosts/3.131.227.105
 * https://search.censys.io/hosts/3.132.230.8
+* https://search.censys.io/hosts/3.133.158.78
 * https://search.censys.io/hosts/3.134.198.51
 * https://search.censys.io/hosts/3.138.120.116
 * https://search.censys.io/hosts/3.140.197.153
@ -136,12 +141,14 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/3.253.101.91
 * https://search.censys.io/hosts/3.253.111.92
 * https://search.censys.io/hosts/5.45.118.168
+* https://search.censys.io/hosts/5.78.75.82
 * https://search.censys.io/hosts/8.219.195.188
 * https://search.censys.io/hosts/12.181.65.210
 * https://search.censys.io/hosts/13.37.231.184
 * https://search.censys.io/hosts/13.50.105.97
 * https://search.censys.io/hosts/13.58.85.225
 * https://search.censys.io/hosts/13.59.98.191
+* https://search.censys.io/hosts/13.59.198.138
 * https://search.censys.io/hosts/13.87.92.152
 * https://search.censys.io/hosts/15.184.211.28
 * https://search.censys.io/hosts/15.222.6.75
@ -159,6 +166,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/18.202.28.86
 * https://search.censys.io/hosts/18.204.142.71
 * https://search.censys.io/hosts/18.208.213.147
+* https://search.censys.io/hosts/18.217.73.143
 * https://search.censys.io/hosts/18.218.44.20
 * https://search.censys.io/hosts/18.220.53.56
 * https://search.censys.io/hosts/18.221.160.80
@ -191,6 +199,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/34.252.16.250
 * https://search.censys.io/hosts/34.254.63.103
 * https://search.censys.io/hosts/35.171.153.152
+* https://search.censys.io/hosts/35.179.16.154
 * https://search.censys.io/hosts/35.180.123.217
 * https://search.censys.io/hosts/35.180.238.137
 * https://search.censys.io/hosts/35.242.163.216
@ -245,6 +254,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/62.182.159.155
 * https://search.censys.io/hosts/63.32.112.45
 * https://search.censys.io/hosts/63.33.70.163
+* https://search.censys.io/hosts/63.35.181.86
 * https://search.censys.io/hosts/64.73.162.11
 * https://search.censys.io/hosts/64.226.68.20
 * https://search.censys.io/hosts/64.226.100.189
@ -260,6 +270,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/78.47.126.26
 * https://search.censys.io/hosts/78.128.99.215
 * https://search.censys.io/hosts/80.85.155.43
+* https://search.censys.io/hosts/80.85.156.184
 * https://search.censys.io/hosts/82.65.153.201
 * https://search.censys.io/hosts/86.3.50.68
 * https://search.censys.io/hosts/86.105.227.103
@ -284,6 +295,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/104.194.222.50
 * https://search.censys.io/hosts/104.237.11.5
 * https://search.censys.io/hosts/107.148.131.107
+* https://search.censys.io/hosts/107.175.172.171
 * https://search.censys.io/hosts/109.120.182.2
 * https://search.censys.io/hosts/109.248.6.221
 * https://search.censys.io/hosts/109.248.6.246
@ -312,6 +324,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/138.197.186.95
 * https://search.censys.io/hosts/139.162.138.252
 * https://search.censys.io/hosts/139.162.185.21
+* https://search.censys.io/hosts/139.177.189.73
 * https://search.censys.io/hosts/142.93.242.149
 * https://search.censys.io/hosts/143.198.0.217
 * https://search.censys.io/hosts/143.198.11.108
@ -326,6 +339,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/157.245.113.142
 * https://search.censys.io/hosts/157.245.118.196
 * https://search.censys.io/hosts/159.65.130.138
+* https://search.censys.io/hosts/159.65.193.223
 * https://search.censys.io/hosts/159.89.136.178
 * https://search.censys.io/hosts/159.203.143.27
 * https://search.censys.io/hosts/159.223.76.66
@ -350,6 +364,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/172.96.137.14
 * https://search.censys.io/hosts/172.96.137.139
 * https://search.censys.io/hosts/172.96.137.149
+* https://search.censys.io/hosts/172.104.149.134
 * https://search.censys.io/hosts/172.104.239.242
 * https://search.censys.io/hosts/172.105.122.176
 * https://search.censys.io/hosts/173.82.120.231
@ -387,9 +402,11 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/209.222.17.15
 * https://search.censys.io/hosts/213.32.72.95
 * https://search.censys.io/hosts/213.227.155.89
+* https://search.censys.io/hosts/213.227.155.115
 * https://search.censys.io/hosts/213.232.235.37
 * https://search.censys.io/hosts/216.238.108.203
 * https://search.censys.io/hosts/216.238.111.216
+* https://search.censys.io/hosts/217.182.253.107

 ## Literature

--- a/actors/Rocke/README.md
+++ b/actors/Rocke/README.md
@ -70,38 +70,37 @@ ID | Type | Indicator | Confidence
 5 | File | `/api/admin/system/store/order/list` | High
 6 | File | `/apply_noauth.cgi` | High
 7 | File | `/auth/fn.php` | Medium
-8 | File | `/bin/sh` | Low
-9 | File | `/cgi-bin/ExportLogs.sh` | High
-10 | File | `/classes/Master.php?f=save_service` | High
-11 | File | `/classes/Users.php?f=save` | High
-12 | File | `/common/sysFile/list` | High
-13 | File | `/context/%2e/WEB-INF/web.xml` | High
-14 | File | `/data/remove` | Medium
-15 | File | `/debug/pprof` | Medium
-16 | File | `/Default/Bd` | Medium
-17 | File | `/dist/index.js` | High
-18 | File | `/editor/index.php` | High
-19 | File | `/Electron/download` | High
-20 | File | `/etc/openstack-dashboard/local_settings` | High
-21 | File | `/etc/passwd` | Medium
-22 | File | `/goform/addressNat` | High
-23 | File | `/goForm/aspForm` | High
-24 | File | `/inc/jquery/uploadify/uploadify.php` | High
-25 | File | `/include/Model/Upload.php` | High
-26 | File | `/js/player/dmplayer/dmku/index.php` | High
-27 | File | `/kruxton/sales_report.php` | High
-28 | File | `/message/form/` | High
-29 | File | `/nasm/nasm-token.re` | High
-30 | File | `/orrs/admin/?page=user/manage_user` | High
-31 | File | `/param.file.tgz` | High
-32 | File | `/php-jms/updateBlankTxtview.php` | High
-33 | File | `/product/savenewproduct.php?flag=1` | High
-34 | File | `/rrdp` | Low
-35 | File | `/secure/QueryComponent!Default.jspa` | High
-36 | File | `/send_order.cgi?parameter=access_detect` | High
-37 | ... | ... | ...
+8 | File | `/bin/ate` | Medium
+9 | File | `/bin/sh` | Low
+10 | File | `/cgi-bin/ExportLogs.sh` | High
+11 | File | `/classes/Master.php?f=delete_category` | High
+12 | File | `/classes/Master.php?f=save_service` | High
+13 | File | `/classes/Users.php?f=save` | High
+14 | File | `/common/sysFile/list` | High
+15 | File | `/context/%2e/WEB-INF/web.xml` | High
+16 | File | `/data/remove` | Medium
+17 | File | `/debug/pprof` | Medium
+18 | File | `/Default/Bd` | Medium
+19 | File | `/dist/index.js` | High
+20 | File | `/editor/index.php` | High
+21 | File | `/Electron/download` | High
+22 | File | `/etc/openstack-dashboard/local_settings` | High
+23 | File | `/etc/passwd` | Medium
+24 | File | `/goform/addressNat` | High
+25 | File | `/goForm/aspForm` | High
+26 | File | `/inc/jquery/uploadify/uploadify.php` | High
+27 | File | `/include/Model/Upload.php` | High
+28 | File | `/js/player/dmplayer/dmku/index.php` | High
+29 | File | `/kruxton/sales_report.php` | High
+30 | File | `/message/form/` | High
+31 | File | `/nasm/nasm-token.re` | High
+32 | File | `/news/*.html` | Medium
+33 | File | `/orrs/admin/?page=user/manage_user` | High
+34 | File | `/param.file.tgz` | High
+35 | File | `/php-jms/updateBlankTxtview.php` | High
+36 | ... | ... | ...

-There are 318 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 307 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/STRRat/README.md
+++ b/actors/STRRat/README.md
@ -51,25 +51,26 @@ ID | IP address | Hostname | Campaign | Confidence
 28 | [37.120.247.13](https://vuldb.com/?ip.37.120.247.13) | - | - | High
 29 | [37.221.114.90](https://vuldb.com/?ip.37.221.114.90) | - | - | High
 30 | [45.9.168.40](https://vuldb.com/?ip.45.9.168.40) | - | - | High
-31 | [45.61.168.73](https://vuldb.com/?ip.45.61.168.73) | - | - | High
-32 | [45.66.230.68](https://vuldb.com/?ip.45.66.230.68) | - | - | High
-33 | [45.66.230.138](https://vuldb.com/?ip.45.66.230.138) | - | - | High
-34 | [45.87.61.211](https://vuldb.com/?ip.45.87.61.211) | - | - | High
-35 | [45.88.67.63](https://vuldb.com/?ip.45.88.67.63) | - | - | High
-36 | [45.88.67.229](https://vuldb.com/?ip.45.88.67.229) | - | - | High
-37 | [45.95.169.160](https://vuldb.com/?ip.45.95.169.160) | - | - | High
-38 | [45.133.1.47](https://vuldb.com/?ip.45.133.1.47) | - | - | High
-39 | [45.133.1.72](https://vuldb.com/?ip.45.133.1.72) | - | - | High
-40 | [45.133.174.157](https://vuldb.com/?ip.45.133.174.157) | - | - | High
-41 | [45.137.22.89](https://vuldb.com/?ip.45.137.22.89) | hosted-by.rootlayer.net | - | High
-42 | [45.137.22.131](https://vuldb.com/?ip.45.137.22.131) | hosted-by.rootlayer.net | - | High
-43 | [45.137.22.141](https://vuldb.com/?ip.45.137.22.141) | hosted-by.rootlayer.net | - | High
-44 | [45.137.22.150](https://vuldb.com/?ip.45.137.22.150) | hosted-by.rootlayer.net | - | High
-45 | [45.137.22.170](https://vuldb.com/?ip.45.137.22.170) | hosted-by.rootlayer.net | - | High
-46 | [45.137.22.251](https://vuldb.com/?ip.45.137.22.251) | hosted-by.rootlayer.net | - | High
-47 | ... | ... | ... | ...
+31 | [45.12.253.130](https://vuldb.com/?ip.45.12.253.130) | - | - | High
+32 | [45.61.168.73](https://vuldb.com/?ip.45.61.168.73) | - | - | High
+33 | [45.66.230.68](https://vuldb.com/?ip.45.66.230.68) | - | - | High
+34 | [45.66.230.138](https://vuldb.com/?ip.45.66.230.138) | - | - | High
+35 | [45.87.61.211](https://vuldb.com/?ip.45.87.61.211) | - | - | High
+36 | [45.88.67.63](https://vuldb.com/?ip.45.88.67.63) | - | - | High
+37 | [45.88.67.229](https://vuldb.com/?ip.45.88.67.229) | - | - | High
+38 | [45.95.169.160](https://vuldb.com/?ip.45.95.169.160) | - | - | High
+39 | [45.133.1.47](https://vuldb.com/?ip.45.133.1.47) | - | - | High
+40 | [45.133.1.72](https://vuldb.com/?ip.45.133.1.72) | - | - | High
+41 | [45.133.174.157](https://vuldb.com/?ip.45.133.174.157) | - | - | High
+42 | [45.137.22.89](https://vuldb.com/?ip.45.137.22.89) | hosted-by.rootlayer.net | - | High
+43 | [45.137.22.131](https://vuldb.com/?ip.45.137.22.131) | hosted-by.rootlayer.net | - | High
+44 | [45.137.22.141](https://vuldb.com/?ip.45.137.22.141) | hosted-by.rootlayer.net | - | High
+45 | [45.137.22.150](https://vuldb.com/?ip.45.137.22.150) | hosted-by.rootlayer.net | - | High
+46 | [45.137.22.170](https://vuldb.com/?ip.45.137.22.170) | hosted-by.rootlayer.net | - | High
+47 | [45.137.22.251](https://vuldb.com/?ip.45.137.22.251) | hosted-by.rootlayer.net | - | High
+48 | ... | ... | ... | ...

-There are 185 more IOC items available. Please use our online service to access the data.
+There are 186 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -84,7 +85,7 @@ ID | Technique | Weakness | Description | Confidence
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...

-There are 21 more TTP items available. Please use our online service to access the data.
+There are 22 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -102,60 +103,61 @@ ID | Type | Indicator | Confidence
 8 | File | `/admin/index2.html` | High
 9 | File | `/admin/maintenance/brand.php` | High
 10 | File | `/admin/mechanics/manage_mechanic.php` | High
-11 | File | `/admin/user/manage_user.php` | High
-12 | File | `/admin/voters_row.php` | High
-13 | File | `/ad_js.php` | Medium
-14 | File | `/agc/vicidial.php` | High
-15 | File | `/ajax.php?action=save_company` | High
-16 | File | `/ajax.php?action=save_user` | High
-17 | File | `/ajax/myshop` | Medium
-18 | File | `/alphaware/summary.php` | High
-19 | File | `/alumni/admin/ajax.php?action=save_settings` | High
-20 | File | `/api/` | Low
-21 | File | `/api/admin/store/product/list` | High
-22 | File | `/api/gen/clients/{language}` | High
-23 | File | `/api/stl/actions/search` | High
-24 | File | `/api/v2/cli/commands` | High
-25 | File | `/APR/signup.php` | High
-26 | File | `/authenticationendpoint/login.do` | High
-27 | File | `/aux` | Low
-28 | File | `/backup.pl` | Medium
-29 | File | `/boat/login.php` | High
-30 | File | `/cas/logout` | Medium
-31 | File | `/categorypage.php` | High
-32 | File | `/cgi-bin` | Medium
-33 | File | `/cgi-bin/system_mgr.cgi` | High
-34 | File | `/cgi-bin/wlogin.cgi` | High
-35 | File | `/cha.php` | Medium
-36 | File | `/College/admin/teacher.php` | High
-37 | File | `/contactform/contactform.php` | High
-38 | File | `/dayrui/Fcms/View/system_log.html` | High
-39 | File | `/debug/pprof` | Medium
-40 | File | `/drivers/block/floppy.c` | High
-41 | File | `/ecommerce/admin/category/controller.php` | High
-42 | File | `/env` | Low
-43 | File | `/etc/config/product.ini` | High
-44 | File | `/etc/shadow` | Medium
-45 | File | `/eval/admin/manage_class.php` | High
-46 | File | `/fos/admin/ajax.php` | High
-47 | File | `/goform/aspForm` | High
-48 | File | `/goform/WifiGuestSet` | High
-49 | File | `/index.php?s=/article/ApiAdminArticle/itemAdd` | High
-50 | File | `/kelasdosen/data` | High
-51 | File | `/modules/projects/vw_files.php` | High
-52 | File | `/Moosikay/order.php` | High
-53 | File | `/multi-vendor-shopping-script/product-list.php` | High
-54 | File | `/nasm/nasm-parse.c` | High
-55 | File | `/ordering/admin/orders/loaddata.php` | High
-56 | File | `/ordering/admin/stockin/loaddata.php` | High
-57 | File | `/philosophy/admin/login.php` | High
-58 | File | `/php-opos/login.php` | High
-59 | File | `/priv_mgt.html` | High
-60 | File | `/reservation/add_message.php` | High
-61 | File | `/resources//../` | High
-62 | ... | ... | ...
+11 | File | `/admin/positions_add.php` | High
+12 | File | `/admin/user/manage_user.php` | High
+13 | File | `/admin/voters_row.php` | High
+14 | File | `/ad_js.php` | Medium
+15 | File | `/agc/vicidial.php` | High
+16 | File | `/ajax.php?action=save_company` | High
+17 | File | `/ajax.php?action=save_user` | High
+18 | File | `/ajax/myshop` | Medium
+19 | File | `/alphaware/summary.php` | High
+20 | File | `/alumni/admin/ajax.php?action=save_settings` | High
+21 | File | `/api/` | Low
+22 | File | `/api/admin/store/product/list` | High
+23 | File | `/api/gen/clients/{language}` | High
+24 | File | `/api/stl/actions/search` | High
+25 | File | `/api/v2/cli/commands` | High
+26 | File | `/APR/signup.php` | High
+27 | File | `/authenticationendpoint/login.do` | High
+28 | File | `/aux` | Low
+29 | File | `/backup.pl` | Medium
+30 | File | `/bin/ate` | Medium
+31 | File | `/boat/login.php` | High
+32 | File | `/cas/logout` | Medium
+33 | File | `/categorypage.php` | High
+34 | File | `/cgi-bin` | Medium
+35 | File | `/cgi-bin/system_mgr.cgi` | High
+36 | File | `/cgi-bin/wlogin.cgi` | High
+37 | File | `/cha.php` | Medium
+38 | File | `/College/admin/teacher.php` | High
+39 | File | `/contactform/contactform.php` | High
+40 | File | `/dayrui/Fcms/View/system_log.html` | High
+41 | File | `/debug/pprof` | Medium
+42 | File | `/drivers/block/floppy.c` | High
+43 | File | `/ecommerce/admin/category/controller.php` | High
+44 | File | `/env` | Low
+45 | File | `/etc/shadow` | Medium
+46 | File | `/eval/admin/manage_class.php` | High
+47 | File | `/fos/admin/ajax.php` | High
+48 | File | `/goform/aspForm` | High
+49 | File | `/goform/WifiGuestSet` | High
+50 | File | `/index.php?s=/article/ApiAdminArticle/itemAdd` | High
+51 | File | `/kelasdosen/data` | High
+52 | File | `/modules/projects/vw_files.php` | High
+53 | File | `/Moosikay/order.php` | High
+54 | File | `/multi-vendor-shopping-script/product-list.php` | High
+55 | File | `/nasm/nasm-parse.c` | High
+56 | File | `/ordering/admin/orders/loaddata.php` | High
+57 | File | `/ordering/admin/stockin/loaddata.php` | High
+58 | File | `/philosophy/admin/login.php` | High
+59 | File | `/php-opos/login.php` | High
+60 | File | `/php-sms/admin/?page=user/manage_user` | High
+61 | File | `/priv_mgt.html` | High
+62 | File | `/reservation/add_message.php` | High
+63 | ... | ... | ...

-There are 547 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 549 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/Saefko/README.md
+++ b/actors/Saefko/README.md
@ -0,0 +1,30 @@
+# Saefko - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Saefko](https://vuldb.com/?actor.saefko). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.saefko](https://vuldb.com/?actor.saefko)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Saefko.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [3.121.182.157](https://vuldb.com/?ip.3.121.182.157) | ec2-3-121-182-157.eu-central-1.compute.amazonaws.com | - | Medium
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.zscaler.com/blogs/research/saefko-new-multi-layered-rat
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/ServHelper/README.md
+++ b/actors/ServHelper/README.md
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce

 * [US](https://vuldb.com/?country.us)
 * [CN](https://vuldb.com/?country.cn)
-* [GB](https://vuldb.com/?country.gb)
+* [RU](https://vuldb.com/?country.ru)
 * ...

-There are 5 more country items available. Please use our online service to access the data.
+There are 7 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -21,9 +21,12 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi

 ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
-1 | [185.163.45.248](https://vuldb.com/?ip.185.163.45.248) | no-rdns.mivocloud.com | - | High
-2 | [194.180.174.20](https://vuldb.com/?ip.194.180.174.20) | 194-180-174-20.mivocloud.com | - | High
-3 | [194.180.174.56](https://vuldb.com/?ip.194.180.174.56) | no-rdns.mivocloud.com | - | High
+1 | [5.181.156.79](https://vuldb.com/?ip.5.181.156.79) | 5-181-156-79.mivocloud.com | - | High
+2 | [5.181.156.250](https://vuldb.com/?ip.5.181.156.250) | no-rdns.mivocloud.com | - | High
+3 | [45.77.122.108](https://vuldb.com/?ip.45.77.122.108) | 45.77.122.108.vultrusercontent.com | - | High
+4 | ... | ... | ... | ...
+
+There are 10 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -37,7 +40,7 @@ ID | Technique | Weakness | Description | Confidence
 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 5 | ... | ... | ... | ...

-There are 14 more TTP items available. Please use our online service to access the data.
+There are 16 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -45,28 +48,36 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic

 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `/admin/admin_login.php` | High
-2 | File | `/api/addusers` | High
-3 | File | `/api/RecordingList/DownloadRecord?file=` | High
-4 | File | `/apply.cgi` | Medium
-5 | File | `/debug/pprof` | Medium
-6 | File | `/etc/config/rpcd` | High
-7 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
-8 | File | `/public/login.htm` | High
-9 | File | `/rapi/read_url` | High
-10 | File | `/sendKey` | Medium
-11 | File | `/setSystemAdmin` | High
-12 | File | `/wp-admin/admin-post.php?es_skip=1&option_name` | High
-13 | File | `adclick.php` | Medium
-14 | File | `admin/Login.php` | High
-15 | ... | ... | ...
+1 | File | `/.env` | Low
+2 | File | `/admin/admin_login.php` | High
+3 | File | `/api/addusers` | High
+4 | File | `/api/RecordingList/DownloadRecord?file=` | High
+5 | File | `/apply.cgi` | Medium
+6 | File | `/debug/pprof` | Medium
+7 | File | `/etc/config/rpcd` | High
+8 | File | `/login` | Low
+9 | File | `/OA_HTML/cabo/jsps/a.jsp` | High
+10 | File | `/public/login.htm` | High
+11 | File | `/rapi/read_url` | High
+12 | File | `/sendKey` | Medium
+13 | File | `/setSystemAdmin` | High
+14 | File | `/tmp` | Low
+15 | File | `/type.php` | Medium
+16 | File | `/wp-admin/admin-post.php?es_skip=1&option_name` | High
+17 | File | `adclick.php` | Medium
+18 | ... | ... | ...

-There are 119 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 147 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

 The following list contains _external sources_ which discuss the actor and the associated activities:

+* https://bazaar.abuse.ch/sample/58514fa7288607858aae17799ded4bb96d5f9b78733ad1ca2cece597d5516d44/
+* https://bazaar.abuse.ch/sample/bac78c78e97c8458437ffcbb31b4a54a141200a8cb656eac2dcab06691bc4a91/
+* https://bazaar.abuse.ch/sample/be31a5c1391bbc1c62d8f2c9fbebb9147ba69371fd8e7fcf81fcb5a9ac6ddf73/
+* https://bazaar.abuse.ch/sample/d53c9d7349bdbee8f73709c263cb08c2ca721365bb0670993b81fe2fd9200bac/
+* https://bazaar.abuse.ch/sample/d6372afdd18503ab17f18ebec05254727c7a0377d425bc74e4ae12ffe6243c4c/
 * https://bazaar.abuse.ch/sample/f60f32ec899bcb92fd50491a8c32f0548afbd4dc02462dfa373d484b4b161a86/
 * https://threatfox.abuse.ch

--- a/actors/Skygofree/README.md
+++ b/actors/Skygofree/README.md
@ -0,0 +1,65 @@
+# Skygofree - Cyber Threat Intelligence
+
+These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Skygofree](https://vuldb.com/?actor.skygofree). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
+
+_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.skygofree](https://vuldb.com/?actor.skygofree)
+
+## Countries
+
+These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Skygofree:
+
+* [IT](https://vuldb.com/?country.it)
+* [US](https://vuldb.com/?country.us)
+
+## IOC - Indicator of Compromise
+
+These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Skygofree.
+
+ID | IP address | Hostname | Campaign | Confidence
+-- | ---------- | -------- | -------- | ----------
+1 | [54.67.109.199](https://vuldb.com/?ip.54.67.109.199) | ec2-54-67-109-199.us-west-1.compute.amazonaws.com | - | Medium
+2 | [79.3.197.89](https://vuldb.com/?ip.79.3.197.89) | host-79-3-197-89.business.telecomitalia.it | - | High
+3 | [217.194.13.133](https://vuldb.com/?ip.217.194.13.133) | vm3810.cloud.seeweb.it | - | High
+
+## TTP - Tactics, Techniques, Procedures
+
+_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Skygofree_. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Technique | Weakness | Description | Confidence
+-- | --------- | -------- | ----------- | ----------
+1 | T1006 | CWE-22 | Pathname Traversal | High
+2 | T1059 | CWE-94 | Cross Site Scripting | High
+3 | T1059.007 | CWE-79 | Cross Site Scripting | High
+4 | ... | ... | ... | ...
+
+There are 6 more TTP items available. Please use our online service to access the data.
+
+## IOA - Indicator of Attack
+
+These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Skygofree. This data is unique as it uses our predictive model for actor profiling.
+
+ID | Type | Indicator | Confidence
+-- | ---- | --------- | ----------
+1 | File | `AudioSource.cpp` | High
+2 | File | `avrc_pars_tg.cc` | High
+3 | File | `core.c` | Low
+4 | ... | ... | ...
+
+There are 21 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+
+## References
+
+The following list contains _external sources_ which discuss the actor and the associated activities:
+
+* https://www.cyber45.com
+
+## Literature
+
+The following _articles_ explain our unique predictive cyber threat intelligence:
+
+* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
+* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
+
+## License
+
+(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
--- a/actors/Sliver/README.md
+++ b/actors/Sliver/README.md
@ -136,9 +136,11 @@ ID | IP address | Hostname | Campaign | Confidence
 113 | [45.9.148.212](https://vuldb.com/?ip.45.9.148.212) | - | - | High
 114 | [45.9.148.252](https://vuldb.com/?ip.45.9.148.252) | - | - | High
 115 | [45.9.150.109](https://vuldb.com/?ip.45.9.150.109) | - | - | High
-116 | ... | ... | ... | ...
+116 | [45.9.150.132](https://vuldb.com/?ip.45.9.150.132) | - | - | High
+117 | [45.14.224.102](https://vuldb.com/?ip.45.14.224.102) | hosted-by.spectraip.net | - | High
+118 | ... | ... | ... | ...

-There are 460 more IOC items available. Please use our online service to access the data.
+There are 467 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -147,7 +149,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
 ID | Technique | Weakness | Description | Confidence
 -- | --------- | -------- | ----------- | ----------
 1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
-2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
+2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
@ -205,19 +207,19 @@ ID | Type | Indicator | Confidence
 42 | File | `/ServletAPI/accounts/login` | High
 43 | File | `/uncpath/` | Medium
 44 | File | `/user/updatePwd` | High
-45 | File | `/webman/info.cgi` | High
-46 | File | `/wireless/security.asp` | High
-47 | File | `/wp-admin/admin-ajax.php` | High
-48 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
-49 | File | `01article.php` | High
-50 | File | `a-forms.php` | Medium
-51 | File | `acloudCosAction.php.SQL` | High
-52 | File | `activenews_view.asp` | High
-53 | File | `ActiveServices.java` | High
-54 | File | `adclick.php` | Medium
+45 | File | `/var/lib/docker/<remapping>` | High
+46 | File | `/webman/info.cgi` | High
+47 | File | `/wireless/security.asp` | High
+48 | File | `/wp-admin/admin-ajax.php` | High
+49 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
+50 | File | `01article.php` | High
+51 | File | `a-forms.php` | Medium
+52 | File | `acloudCosAction.php.SQL` | High
+53 | File | `activenews_view.asp` | High
+54 | File | `ActiveServices.java` | High
 55 | ... | ... | ...

-There are 482 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 481 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

@ -286,6 +288,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/45.120.52.149
 * https://search.censys.io/hosts/45.134.83.252
 * https://search.censys.io/hosts/45.142.166.93
+* https://search.censys.io/hosts/45.152.114.93
 * https://search.censys.io/hosts/45.154.14.194
 * https://search.censys.io/hosts/45.227.255.185
 * https://search.censys.io/hosts/45.227.255.217
@ -303,6 +306,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/51.178.81.117
 * https://search.censys.io/hosts/52.40.129.127
 * https://search.censys.io/hosts/52.53.230.115
+* https://search.censys.io/hosts/52.70.185.38
 * https://search.censys.io/hosts/54.152.37.54
 * https://search.censys.io/hosts/54.165.231.50
 * https://search.censys.io/hosts/54.197.29.26
@ -331,11 +335,14 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/93.95.229.168
 * https://search.censys.io/hosts/95.164.46.194
 * https://search.censys.io/hosts/95.170.68.91
+* https://search.censys.io/hosts/95.214.27.241
 * https://search.censys.io/hosts/95.216.192.109
 * https://search.censys.io/hosts/97.107.134.18
 * https://search.censys.io/hosts/101.35.172.163
+* https://search.censys.io/hosts/101.35.234.201
 * https://search.censys.io/hosts/101.35.253.83
 * https://search.censys.io/hosts/101.36.121.133
+* https://search.censys.io/hosts/101.37.91.112
 * https://search.censys.io/hosts/101.43.156.89
 * https://search.censys.io/hosts/103.56.19.196
 * https://search.censys.io/hosts/103.87.10.156
@ -363,6 +370,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/119.91.77.189
 * https://search.censys.io/hosts/120.24.42.20
 * https://search.censys.io/hosts/121.199.2.153
+* https://search.censys.io/hosts/123.57.39.29
 * https://search.censys.io/hosts/124.71.84.65
 * https://search.censys.io/hosts/128.199.38.50
 * https://search.censys.io/hosts/129.211.212.112
@ -381,6 +389,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/139.177.203.214
 * https://search.censys.io/hosts/139.224.50.7
 * https://search.censys.io/hosts/139.224.254.195
+* https://search.censys.io/hosts/140.82.6.222
 * https://search.censys.io/hosts/140.238.226.66
 * https://search.censys.io/hosts/141.164.45.81
 * https://search.censys.io/hosts/141.164.50.44
@ -389,6 +398,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/143.110.155.198
 * https://search.censys.io/hosts/143.110.240.214
 * https://search.censys.io/hosts/143.110.252.93
+* https://search.censys.io/hosts/143.198.40.42
 * https://search.censys.io/hosts/143.244.185.237
 * https://search.censys.io/hosts/144.22.135.107
 * https://search.censys.io/hosts/144.22.230.36
@ -407,6 +417,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://search.censys.io/hosts/157.245.96.88
 * https://search.censys.io/hosts/158.247.217.247
 * https://search.censys.io/hosts/159.65.62.90
+* https://search.censys.io/hosts/159.223.189.221
 * https://search.censys.io/hosts/161.35.214.132
 * https://search.censys.io/hosts/162.33.177.72
 * https://search.censys.io/hosts/162.33.177.203
--- a/actors/SmokeLoader/README.md
+++ b/actors/SmokeLoader/README.md
@ -19,7 +19,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [ES](https://vuldb.com/?country.es)
 * ...

-There are 13 more country items available. Please use our online service to access the data.
+There are 12 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -28,23 +28,26 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
 ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
 1 | [5.9.224.217](https://vuldb.com/?ip.5.9.224.217) | static.217.224.9.5.clients.your-server.de | - | High
-2 | [5.135.183.146](https://vuldb.com/?ip.5.135.183.146) | freya.stelas.de | Tsunami | High
-3 | [5.196.8.173](https://vuldb.com/?ip.5.196.8.173) | vps-b5645e9a.vps.ovh.net | - | High
-4 | [13.107.21.200](https://vuldb.com/?ip.13.107.21.200) | - | - | High
-5 | [20.45.1.107](https://vuldb.com/?ip.20.45.1.107) | - | - | High
-6 | [23.0.48.75](https://vuldb.com/?ip.23.0.48.75) | a23-0-48-75.deploy.static.akamaitechnologies.com | - | High
-7 | [23.0.209.167](https://vuldb.com/?ip.23.0.209.167) | a23-0-209-167.deploy.static.akamaitechnologies.com | - | High
-8 | [23.3.13.154](https://vuldb.com/?ip.23.3.13.154) | a23-3-13-154.deploy.static.akamaitechnologies.com | - | High
-9 | [23.6.69.99](https://vuldb.com/?ip.23.6.69.99) | a23-6-69-99.deploy.static.akamaitechnologies.com | - | High
-10 | [23.13.211.142](https://vuldb.com/?ip.23.13.211.142) | a23-13-211-142.deploy.static.akamaitechnologies.com | - | High
-11 | [23.20.239.12](https://vuldb.com/?ip.23.20.239.12) | ec2-23-20-239-12.compute-1.amazonaws.com | - | Medium
-12 | [23.66.61.153](https://vuldb.com/?ip.23.66.61.153) | a23-66-61-153.deploy.static.akamaitechnologies.com | - | High
-13 | [23.193.177.127](https://vuldb.com/?ip.23.193.177.127) | a23-193-177-127.deploy.static.akamaitechnologies.com | - | High
-14 | [23.218.40.161](https://vuldb.com/?ip.23.218.40.161) | a23-218-40-161.deploy.static.akamaitechnologies.com | - | High
-15 | [23.221.48.201](https://vuldb.com/?ip.23.221.48.201) | a23-221-48-201.deploy.static.akamaitechnologies.com | - | High
-16 | ... | ... | ... | ...
+2 | [5.101.0.32](https://vuldb.com/?ip.5.101.0.32) | - | - | High
+3 | [5.135.183.146](https://vuldb.com/?ip.5.135.183.146) | freya.stelas.de | Tsunami | High
+4 | [5.196.8.173](https://vuldb.com/?ip.5.196.8.173) | vps-b5645e9a.vps.ovh.net | - | High
+5 | [13.107.21.200](https://vuldb.com/?ip.13.107.21.200) | - | - | High
+6 | [20.45.1.107](https://vuldb.com/?ip.20.45.1.107) | - | - | High
+7 | [23.0.48.75](https://vuldb.com/?ip.23.0.48.75) | a23-0-48-75.deploy.static.akamaitechnologies.com | - | High
+8 | [23.0.209.167](https://vuldb.com/?ip.23.0.209.167) | a23-0-209-167.deploy.static.akamaitechnologies.com | - | High
+9 | [23.3.13.154](https://vuldb.com/?ip.23.3.13.154) | a23-3-13-154.deploy.static.akamaitechnologies.com | - | High
+10 | [23.6.69.99](https://vuldb.com/?ip.23.6.69.99) | a23-6-69-99.deploy.static.akamaitechnologies.com | - | High
+11 | [23.13.211.142](https://vuldb.com/?ip.23.13.211.142) | a23-13-211-142.deploy.static.akamaitechnologies.com | - | High
+12 | [23.20.239.12](https://vuldb.com/?ip.23.20.239.12) | ec2-23-20-239-12.compute-1.amazonaws.com | - | Medium
+13 | [23.66.61.153](https://vuldb.com/?ip.23.66.61.153) | a23-66-61-153.deploy.static.akamaitechnologies.com | - | High
+14 | [23.193.177.127](https://vuldb.com/?ip.23.193.177.127) | a23-193-177-127.deploy.static.akamaitechnologies.com | - | High
+15 | [23.218.40.161](https://vuldb.com/?ip.23.218.40.161) | a23-218-40-161.deploy.static.akamaitechnologies.com | - | High
+16 | [23.221.48.201](https://vuldb.com/?ip.23.221.48.201) | a23-221-48-201.deploy.static.akamaitechnologies.com | - | High
+17 | [27.102.67.144](https://vuldb.com/?ip.27.102.67.144) | - | - | High
+18 | [31.13.65.36](https://vuldb.com/?ip.31.13.65.36) | edge-star-mini-shv-01-atl3.facebook.com | - | High
+19 | ... | ... | ... | ...

-There are 62 more IOC items available. Please use our online service to access the data.
+There are 73 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -57,9 +60,10 @@ ID | Technique | Weakness | Description | Confidence
 3 | T1055 | CWE-74 | Injection | High
 4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
-6 | ... | ... | ... | ...
+6 | T1068 | CWE-264, CWE-269, CWE-274, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
+7 | ... | ... | ... | ...

-There are 20 more TTP items available. Please use our online service to access the data.
+There are 22 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -67,67 +71,69 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic

 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
-1 | File | `.htaccess` | Medium
-2 | File | `.pref.xml` | Medium
-3 | File | `/admin/admin_login.php` | High
-4 | File | `/admin/edit-doc.php` | High
-5 | File | `/admin/profile/save_profile` | High
-6 | File | `/aux` | Low
-7 | File | `/cgi-bin/koha/acqui/supplier.pl?op=enter` | High
-8 | File | `/cgi-bin/luci` | High
-9 | File | `/ClickAndBanexDemo/admin/admin.asp` | High
-10 | File | `/config.cgi?webmin` | High
-11 | File | `/config/getuser` | High
-12 | File | `/debug/pprof` | Medium
-13 | File | `/etc/config/rpcd` | High
-14 | File | `/etc/gsissh/sshd_config` | High
-15 | File | `/etc/passwd` | Medium
-16 | File | `/gateway/services/EdgeServiceImpl` | High
-17 | File | `/getcfg.php` | Medium
-18 | File | `/goform/dir_setWanWifi` | High
-19 | File | `/goform/telnet` | High
-20 | File | `/goform/WanParameterSetting` | High
-21 | File | `/HNAP1` | Low
-22 | File | `/include/makecvs.php` | High
-23 | File | `/js/app.js` | Medium
-24 | File | `/knomi/analyze` | High
-25 | File | `/mgmt/tm/util/bash` | High
-26 | File | `/monitoring` | Medium
-27 | File | `/opt/pia/ruby/64/ruby` | High
-28 | File | `/Pwrchute` | Medium
-29 | File | `/reports/rwservlet` | High
-30 | File | `/scripts/iisadmin/bdir.htr` | High
-31 | File | `/setSystemAdmin` | High
-32 | File | `/skyboxview-softwareupdate/services/CollectorSoftwareUpdate` | High
-33 | File | `/tmp` | Low
-34 | File | `/tmp/csman/0` | Medium
-35 | File | `/ui/cbpc/login` | High
-36 | File | `/uncpath/` | Medium
-37 | File | `/usr/local/psa/admin/sbin/wrapper` | High
-38 | File | `/var/hnap/timestamp` | High
-39 | File | `/vloggers_merch/admin/?page=product/manage_product` | High
-40 | File | `/webmail/` | Medium
-41 | File | `/wordpress/wp-admin/admin.php` | High
-42 | File | `/wp-content/plugins/forum-server/feed.php` | High
-43 | File | `/{ADMIN-FILE}/` | High
-44 | File | `a2billing/customer/iridium_threed.php` | High
-45 | File | `address.html` | Medium
-46 | File | `adm/systools.asp` | High
-47 | File | `admin/admin_login.php` | High
-48 | File | `admin/dashboard.php` | High
-49 | ... | ... | ...
+1 | File | `.pref.xml` | Medium
+2 | File | `/acms/classes/Master.php?f=delete_cargo` | High
+3 | File | `/admin.add` | Medium
+4 | File | `/admin.php/news/admin/topic/save` | High
+5 | File | `/admin/admin_login.php` | High
+6 | File | `/admin/comn/service/update.json` | High
+7 | File | `/admin/edit-doc.php` | High
+8 | File | `/admin/profile/save_profile` | High
+9 | File | `/api/v2/labels/` | High
+10 | File | `/aux` | Low
+11 | File | `/cgi-bin/koha/acqui/supplier.pl?op=enter` | High
+12 | File | `/cgi-bin/luci` | High
+13 | File | `/config.cgi?webmin` | High
+14 | File | `/config/getuser` | High
+15 | File | `/debug/pprof` | Medium
+16 | File | `/dev/shm` | Medium
+17 | File | `/dl/dl_print.php` | High
+18 | File | `/etc/gsissh/sshd_config` | High
+19 | File | `/etc/passwd` | Medium
+20 | File | `/gateway/services/EdgeServiceImpl` | High
+21 | File | `/getcfg.php` | Medium
+22 | File | `/goform/dir_setWanWifi` | High
+23 | File | `/goform/telnet` | High
+24 | File | `/goform/WanParameterSetting` | High
+25 | File | `/HNAP1` | Low
+26 | File | `/include/makecvs.php` | High
+27 | File | `/info.xml` | Medium
+28 | File | `/js/app.js` | Medium
+29 | File | `/knomi/analyze` | High
+30 | File | `/mgmt/tm/util/bash` | High
+31 | File | `/monitoring` | Medium
+32 | File | `/ofcms/company-c-47` | High
+33 | File | `/opac/Actions.php?a=login` | High
+34 | File | `/opt/pia/ruby/64/ruby` | High
+35 | File | `/Pwrchute` | Medium
+36 | File | `/scripts/iisadmin/bdir.htr` | High
+37 | File | `/spip.php` | Medium
+38 | File | `/tmp/csman/0` | Medium
+39 | File | `/ui/cbpc/login` | High
+40 | File | `/uncpath/` | Medium
+41 | File | `/usr/sbin/httpd` | High
+42 | File | `/util/print.c` | High
+43 | File | `/var/hnap/timestamp` | High
+44 | File | `/vloggers_merch/admin/?page=product/manage_product` | High
+45 | File | `/web/MCmsAction.java` | High
+46 | File | `/webmail/` | Medium
+47 | ... | ... | ...

-There are 423 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 409 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

 The following list contains _external sources_ which discuss the actor and the associated activities:

+* https://bazaar.abuse.ch/sample/5bbe4ff9dc3e2fb44d356785216d39faa2ea386b1a5227798aea9c2d18b8b3fa/
+* https://bazaar.abuse.ch/sample/5e30a88fb1c9a45bd6697990493098ca05e87b2560172ae89e9811ea887ff8b4/#intel
 * https://blog.talosintelligence.com/2020/01/threat-roundup-0124-0131.html
 * https://blog.talosintelligence.com/2021/07/threat-roundup-0716-0723.html
 * https://community.blueliv.com/#!/s/6333fa0182df417ed0331a1d
 * https://isc.sans.edu/forums/diary/Resumethemed+malspam+pushing+Smoke+Loader/23054/
 * https://research.checkpoint.com/2019/2019-resurgence-of-smokeloader/
+* https://threatfox.abuse.ch
+* https://tria.ge/220511-fxrezafgg2
 * https://unit42.paloaltonetworks.com/analysis-of-smoke-loader-in-new-tsunami-campaign/

 ## Literature
--- a/actors/Snatch/README.md
+++ b/actors/Snatch/README.md
@ -57,42 +57,44 @@ ID | Type | Indicator | Confidence
 3 | File | `/admin/?page=user/manage` | High
 4 | File | `/admin/lab.php` | High
 5 | File | `/admin/login.php` | High
-6 | File | `/ajax.php?action=read_msg` | High
-7 | File | `/assets/components/gallery/connector.php` | High
-8 | File | `/bsms_ci/index.php` | High
-9 | File | `/cms/category/list` | High
-10 | File | `/College/admin/teacher.php` | High
-11 | File | `/Default/Bd` | Medium
-12 | File | `/editbrand.php` | High
-13 | File | `/employeeview.php` | High
-14 | File | `/etc/target` | Medium
-15 | File | `/export` | Low
-16 | File | `/getcfg.php` | Medium
-17 | File | `/goform/WriteFacMac` | High
-18 | File | `/home/kickPlayer` | High
-19 | File | `/home/masterConsole` | High
-20 | File | `/index.php` | Medium
-21 | File | `/lists/admin/user.php` | High
-22 | File | `/mkshop/Men/profile.php` | High
-23 | File | `/movie.php` | Medium
-24 | File | `/news-portal-script/information.php` | High
-25 | File | `/pages/apply_vacancy.php` | High
-26 | File | `/param.file.tgz` | High
-27 | File | `/rest/api/2/user/picker` | High
-28 | File | `/tmp` | Low
-29 | File | `/uncpath/` | Medium
-30 | File | `/var/log/nginx` | High
-31 | File | `/wireless/basic.asp` | High
-32 | File | `/wireless/guestnetwork.asp` | High
-33 | File | `/wp-content/plugins/updraftplus/admin.php` | High
-34 | File | `/_vti_pvt/access.cnf` | High
-35 | File | `adclick.php` | Medium
-36 | File | `admin.php3` | Medium
-37 | File | `admin/abc.php` | High
-38 | File | `admin/add_payment.php` | High
-39 | ... | ... | ...
+6 | File | `/admin/read.php?mudi=announContent` | High
+7 | File | `/ajax.php?action=read_msg` | High
+8 | File | `/api/wechat/app_auth` | High
+9 | File | `/assets/components/gallery/connector.php` | High
+10 | File | `/bsms_ci/index.php` | High
+11 | File | `/cms/category/list` | High
+12 | File | `/College/admin/teacher.php` | High
+13 | File | `/Default/Bd` | Medium
+14 | File | `/editbrand.php` | High
+15 | File | `/employeeview.php` | High
+16 | File | `/etc/target` | Medium
+17 | File | `/export` | Low
+18 | File | `/getcfg.php` | Medium
+19 | File | `/goform/WriteFacMac` | High
+20 | File | `/home/kickPlayer` | High
+21 | File | `/home/masterConsole` | High
+22 | File | `/index.php` | Medium
+23 | File | `/lists/admin/user.php` | High
+24 | File | `/mkshop/Men/profile.php` | High
+25 | File | `/movie.php` | Medium
+26 | File | `/news-portal-script/information.php` | High
+27 | File | `/pages/apply_vacancy.php` | High
+28 | File | `/param.file.tgz` | High
+29 | File | `/paysystem/branch.php` | High
+30 | File | `/rest/api/2/user/picker` | High
+31 | File | `/send_order.cgi?parameter=restart` | High
+32 | File | `/tmp` | Low
+33 | File | `/uncpath/` | Medium
+34 | File | `/var/log/nginx` | High
+35 | File | `/wireless/basic.asp` | High
+36 | File | `/wireless/guestnetwork.asp` | High
+37 | File | `/wp-content/plugins/updraftplus/admin.php` | High
+38 | File | `/_vti_pvt/access.cnf` | High
+39 | File | `adclick.php` | Medium
+40 | File | `admin.php3` | Medium
+41 | ... | ... | ...

-There are 338 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 353 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/SpyEye/README.md
+++ b/actors/SpyEye/README.md
@ -70,19 +70,19 @@ ID | Type | Indicator | Confidence
 5 | File | `/spip.php` | Medium
 6 | File | `/Tools/tools_admin.htm` | High
 7 | File | `/uncpath/` | Medium
-8 | File | `adm/krgourl.php` | High
-9 | File | `admin.php` | Medium
-10 | File | `admin/conf_users_edit.php` | High
-11 | File | `administers` | Medium
-12 | File | `application\User\Controller\ProfileController.class.php` | High
-13 | File | `banner-edit.php` | High
-14 | File | `btif_hd.cc` | Medium
-15 | File | `catchsegv` | Medium
-16 | File | `classes/SystemSettings.php` | High
-17 | File | `classified.php` | High
+8 | File | `addentry.php` | Medium
+9 | File | `adm/krgourl.php` | High
+10 | File | `admin.php` | Medium
+11 | File | `admin/conf_users_edit.php` | High
+12 | File | `administers` | Medium
+13 | File | `application\User\Controller\ProfileController.class.php` | High
+14 | File | `banner-edit.php` | High
+15 | File | `btif_hd.cc` | Medium
+16 | File | `catchsegv` | Medium
+17 | File | `classes/SystemSettings.php` | High
 18 | ... | ... | ...

-There are 150 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 151 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/actors/SystemBC/README.md
+++ b/actors/SystemBC/README.md
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
 * [CN](https://vuldb.com/?country.cn)
 * ...

-There are 22 more country items available. Please use our online service to access the data.
+There are 19 more country items available. Please use our online service to access the data.

 ## IOC - Indicator of Compromise

@ -22,24 +22,25 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
 ID | IP address | Hostname | Campaign | Confidence
 -- | ---------- | -------- | -------- | ----------
 1 | [5.39.221.47](https://vuldb.com/?ip.5.39.221.47) | - | - | High
-2 | [5.61.41.136](https://vuldb.com/?ip.5.61.41.136) | - | - | High
-3 | [5.101.78.2](https://vuldb.com/?ip.5.101.78.2) | - | - | High
-4 | [5.183.95.197](https://vuldb.com/?ip.5.183.95.197) | - | - | High
-5 | [5.199.174.179](https://vuldb.com/?ip.5.199.174.179) | - | - | High
-6 | [5.199.174.223](https://vuldb.com/?ip.5.199.174.223) | - | - | High
-7 | [20.115.47.118](https://vuldb.com/?ip.20.115.47.118) | - | - | High
-8 | [23.95.44.228](https://vuldb.com/?ip.23.95.44.228) | 23-95-44-228-host.colocrossing.com | - | High
-9 | [23.137.249.215](https://vuldb.com/?ip.23.137.249.215) | - | - | High
-10 | [23.227.202.22](https://vuldb.com/?ip.23.227.202.22) | 23-227-202-22.static.hvvc.us | - | High
-11 | [31.41.244.183](https://vuldb.com/?ip.31.41.244.183) | - | - | High
-12 | [31.44.185.6](https://vuldb.com/?ip.31.44.185.6) | - | - | High
-13 | [34.171.171.32](https://vuldb.com/?ip.34.171.171.32) | 32.171.171.34.bc.googleusercontent.com | - | Medium
-14 | [45.11.57.142](https://vuldb.com/?ip.45.11.57.142) | dedicated.vsys.host | - | High
-15 | [45.15.156.48](https://vuldb.com/?ip.45.15.156.48) | - | - | High
-16 | [45.32.132.182](https://vuldb.com/?ip.45.32.132.182) | 45.32.132.182.vultrusercontent.com | - | High
-17 | ... | ... | ... | ...
+2 | [5.42.65.67](https://vuldb.com/?ip.5.42.65.67) | - | - | High
+3 | [5.45.127.115](https://vuldb.com/?ip.5.45.127.115) | s0b7731cb.fastvps-server.com | - | High
+4 | [5.61.41.136](https://vuldb.com/?ip.5.61.41.136) | - | - | High
+5 | [5.101.78.2](https://vuldb.com/?ip.5.101.78.2) | - | - | High
+6 | [5.183.95.197](https://vuldb.com/?ip.5.183.95.197) | - | - | High
+7 | [5.199.174.179](https://vuldb.com/?ip.5.199.174.179) | - | - | High
+8 | [5.199.174.223](https://vuldb.com/?ip.5.199.174.223) | - | - | High
+9 | [20.115.47.118](https://vuldb.com/?ip.20.115.47.118) | - | - | High
+10 | [23.95.44.228](https://vuldb.com/?ip.23.95.44.228) | 23-95-44-228-host.colocrossing.com | - | High
+11 | [23.137.249.215](https://vuldb.com/?ip.23.137.249.215) | - | - | High
+12 | [23.227.202.22](https://vuldb.com/?ip.23.227.202.22) | 23-227-202-22.static.hvvc.us | - | High
+13 | [31.41.244.183](https://vuldb.com/?ip.31.41.244.183) | - | - | High
+14 | [31.44.185.6](https://vuldb.com/?ip.31.44.185.6) | - | - | High
+15 | [34.171.171.32](https://vuldb.com/?ip.34.171.171.32) | 32.171.171.34.bc.googleusercontent.com | - | Medium
+16 | [45.11.57.142](https://vuldb.com/?ip.45.11.57.142) | dedicated.vsys.host | - | High
+17 | [45.15.156.48](https://vuldb.com/?ip.45.15.156.48) | - | - | High
+18 | ... | ... | ... | ...

-There are 63 more IOC items available. Please use our online service to access the data.
+There are 66 more IOC items available. Please use our online service to access the data.

 ## TTP - Tactics, Techniques, Procedures

@ -54,7 +55,7 @@ ID | Technique | Weakness | Description | Confidence
 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
 6 | ... | ... | ... | ...

-There are 22 more TTP items available. Please use our online service to access the data.
+There are 21 more TTP items available. Please use our online service to access the data.

 ## IOA - Indicator of Attack

@ -101,24 +102,26 @@ ID | Type | Indicator | Confidence
 37 | File | `/param.file.tgz` | High
 38 | File | `/php-jms/review_se_result.php` | High
 39 | File | `/plesk-site-preview/` | High
-40 | File | `/project/PROJECTNAME/reports/` | High
-41 | File | `/school/model/get_admin_profile.php` | High
-42 | File | `/services/prefs.php` | High
-43 | File | `/spip.php` | Medium
-44 | File | `/Status/wan_button_action.asp` | High
-45 | File | `/student-grading-system/rms.php?page=grade` | High
-46 | File | `/template/edit` | High
-47 | File | `/text/pdf/PdfReader.java` | High
-48 | File | `/timeline2.php` | High
-49 | File | `/ucms/chk.php` | High
+40 | File | `/pms/admin/crimes/manage_crime.php` | High
+41 | File | `/project/PROJECTNAME/reports/` | High
+42 | File | `/school/model/get_admin_profile.php` | High
+43 | File | `/sitecore/shell/Invoke.aspx` | High
+44 | File | `/spip.php` | Medium
+45 | File | `/Status/wan_button_action.asp` | High
+46 | File | `/student-grading-system/rms.php?page=grade` | High
+47 | File | `/template/edit` | High
+48 | File | `/text/pdf/PdfReader.java` | High
+49 | File | `/timeline2.php` | High
 50 | ... | ... | ...

-There are 433 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 438 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

 The following list contains _external sources_ which discuss the actor and the associated activities:

+* https://app.any.run/tasks/6b4a52a0-4bbe-4c57-a196-a7c0e3425220/
+* https://app.any.run/tasks/e6fbe61e-e881-4b8f-8a2b-cd226715c389/
 * https://bazaar.abuse.ch/sample/040aa152e739826874a268f4ffb8be80dd256e7817cdb2c25329d25a5264671e/
 * https://bazaar.abuse.ch/sample/2a1ba880f0cacda99db3eed861bc738a3f8ec6cac2518da431c446851fb4f923/
 * https://bazaar.abuse.ch/sample/4aec64f64812b8ed41eebe2d561d166b6dc9c16f2a856f7d10408ec83f493c06/
@ -132,6 +135,7 @@ The following list contains _external sources_ which discuss the actor and the a
 * https://bazaar.abuse.ch/sample/742a97dbebd3f760b215186d04655dfcaf3846b40d3390a2db9bd7ee5f3d3266/
 * https://bazaar.abuse.ch/sample/998b16d93ed1043b616cddfcae2cbe10b6f4ae05b9bbd1abed4a99ad11205444/
 * https://bazaar.abuse.ch/sample/49763b5871eae34139060e486a62817242212a549593a1875a5221655b510334/
+* https://bazaar.abuse.ch/sample/835089cc52af94cdcdf26ab335f8a4fe4719071746539acf472579fa2fc8e4f9/
 * https://bazaar.abuse.ch/sample/a2bf4098b65e0efb8bc9cba70cfb5e36d01de5f591d100bb429a5dc3ef6c3bc3/
 * https://bazaar.abuse.ch/sample/ca958072c2483f5cfab83972b3e5a25a163eed2d0d6df7d310ddf200a6fec53c/
 * https://bazaar.abuse.ch/sample/f0c40cd7b07913d9ed925ebc130d4263850aeb2e16c32c47214d2b5989bbf4f5/
--- a/actors/TA551/README.md
+++ b/actors/TA551/README.md
@ -20,8 +20,8 @@ There are 1 more campaign items available. Please use our online service to acce
 These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with TA551:

 * [ES](https://vuldb.com/?country.es)
+* [RU](https://vuldb.com/?country.ru)
 * [FR](https://vuldb.com/?country.fr)
-* [DE](https://vuldb.com/?country.de)
 * ...

 There are 9 more country items available. Please use our online service to access the data.
@ -72,63 +72,67 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
 ID | Type | Indicator | Confidence
 -- | ---- | --------- | ----------
 1 | File | `/admin/?page=user/list` | High
-2 | File | `/admin/api/admin/articles/` | High
-3 | File | `/admin/api/theme-edit/` | High
-4 | File | `/admin/budget/manage_budget.php` | High
-5 | File | `/admin/categories/view_category.php` | High
-6 | File | `/admin/contacts/organizations/edit/2` | High
-7 | File | `/Admin/createClass.php` | High
-8 | File | `/admin/curriculum/view_curriculum.php` | High
-9 | File | `/admin/departments/view_department.php` | High
-10 | File | `/admin/edit_subject.php` | High
-11 | File | `/admin/maintenance/view_designation.php` | High
-12 | File | `/admin/modal_add_product.php` | High
-13 | File | `/admin/problem_judge.php` | High
-14 | File | `/admin/reminders/manage_reminder.php` | High
-15 | File | `/admin/sales/manage_sale.php` | High
-16 | File | `/admin/sales/view_details.php` | High
-17 | File | `/admin/suppliers/view_details.php` | High
-18 | File | `/admin/user/manage_user.php` | High
-19 | File | `/admin/userprofile.php` | High
-20 | File | `/admin/voters_row.php` | High
-21 | File | `/ajax.php?action=read_msg` | High
-22 | File | `/ajax.php?action=save_company` | High
-23 | File | `/api/browserextension/UpdatePassword/` | High
-24 | File | `/api/stl/actions/search` | High
-25 | File | `/application/views/themeOptions/update.php` | High
-26 | File | `/attachments` | Medium
-27 | File | `/balance/service/list` | High
-28 | File | `/bin/ate` | Medium
-29 | File | `/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini` | High
-30 | File | `/cgi-bin/ping.cgi` | High
-31 | File | `/classes/Users.php` | High
-32 | File | `/config/myfield/test.php` | High
-33 | File | `/data/app` | Medium
-34 | File | `/dev/snd/seq` | Medium
-35 | File | `/diagnostic/login.php` | High
-36 | File | `/E-mobile/App/System/File/downfile.php` | High
-37 | File | `/etc/gsissh/sshd_config` | High
-38 | File | `/etc/master.passwd` | High
-39 | File | `/etc/passwd` | Medium
-40 | File | `/file_manager/admin/save_user.php` | High
-41 | File | `/goForm/aspForm` | High
-42 | File | `/goform/WifiBasicSet` | High
-43 | File | `/hrm/controller/login.php` | High
-44 | File | `/kelas/data` | Medium
-45 | File | `/login` | Low
-46 | File | `/logs/sql-error.log` | High
-47 | File | `/matkul/data` | Medium
-48 | File | `/mogu-picture/file/uploadPicsByUrl` | High
-49 | File | `/pages/save_user.php` | High
-50 | File | `/password/reset` | High
-51 | File | `/plugin/getList` | High
-52 | File | `/register/abort` | High
-53 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
-54 | File | `/rukovoditel/index.php?module=logs/view&type=php` | High
-55 | File | `/send_order.cgi?parameter=access_detect` | High
-56 | ... | ... | ...
+2 | File | `/admin/addproduct.php` | High
+3 | File | `/admin/api/admin/articles/` | High
+4 | File | `/admin/api/theme-edit/` | High
+5 | File | `/admin/budget/manage_budget.php` | High
+6 | File | `/admin/categories/view_category.php` | High
+7 | File | `/admin/contacts/organizations/edit/2` | High
+8 | File | `/Admin/createClass.php` | High
+9 | File | `/admin/curriculum/view_curriculum.php` | High
+10 | File | `/admin/departments/view_department.php` | High
+11 | File | `/admin/edit_subject.php` | High
+12 | File | `/admin/maintenance/view_designation.php` | High
+13 | File | `/admin/modal_add_product.php` | High
+14 | File | `/admin/problem_judge.php` | High
+15 | File | `/admin/reminders/manage_reminder.php` | High
+16 | File | `/admin/sales/manage_sale.php` | High
+17 | File | `/admin/sales/view_details.php` | High
+18 | File | `/admin/suppliers/view_details.php` | High
+19 | File | `/admin/user/manage_user.php` | High
+20 | File | `/admin/userprofile.php` | High
+21 | File | `/admin/voters_row.php` | High
+22 | File | `/ajax.php?action=read_msg` | High
+23 | File | `/ajax.php?action=save_company` | High
+24 | File | `/api/browserextension/UpdatePassword/` | High
+25 | File | `/api/stl/actions/search` | High
+26 | File | `/application/views/themeOptions/update.php` | High
+27 | File | `/attachments` | Medium
+28 | File | `/balance/service/list` | High
+29 | File | `/bin/ate` | Medium
+30 | File | `/booking/show_bookings/` | High
+31 | File | `/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini` | High
+32 | File | `/cgi-bin/ping.cgi` | High
+33 | File | `/changeimage.php` | High
+34 | File | `/classes/Users.php` | High
+35 | File | `/classes/Users.php?f=save` | High
+36 | File | `/config/myfield/test.php` | High
+37 | File | `/dev/snd/seq` | Medium
+38 | File | `/diagnostic/login.php` | High
+39 | File | `/E-mobile/App/System/File/downfile.php` | High
+40 | File | `/etc/gsissh/sshd_config` | High
+41 | File | `/etc/master.passwd` | High
+42 | File | `/etc/passwd` | Medium
+43 | File | `/file_manager/admin/save_user.php` | High
+44 | File | `/goForm/aspForm` | High
+45 | File | `/goform/RgDhcp` | High
+46 | File | `/goform/RgTime` | High
+47 | File | `/goform/WifiBasicSet` | High
+48 | File | `/hrm/controller/login.php` | High
+49 | File | `/kelas/data` | Medium
+50 | File | `/login` | Low
+51 | File | `/logs/sql-error.log` | High
+52 | File | `/matkul/data` | Medium
+53 | File | `/mogu-picture/file/uploadPicsByUrl` | High
+54 | File | `/pages/save_user.php` | High
+55 | File | `/password/reset` | High
+56 | File | `/paysystem/branch.php` | High
+57 | File | `/plugin/getList` | High
+58 | File | `/register/abort` | High
+59 | File | `/reviewer/system/system/admins/manage/users/user-update.php` | High
+60 | ... | ... | ...

-There are 492 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
+There are 521 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

 ## References

--- a/Show More
+++ b/Show More