This is an old revision of the document!


External Dynamic Lists

Palo have a public list for Microsoft Azure and Microsoft 365 here.

Also, when downloading a dynamic list over SSL (HTTPS), you will need to use a certificate profile that includes the root certificate. However, some certificates have two valid certification chains, and your web browser may only show one of them. You can use https://www.ssllabs.com/ssltest to show a list of both chains (assuming it is a public-facing site). The ssllabs page will allow you to download the chain files.

Cron Tab

From Reddit

*/10 * * * * user curl -L https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' | grep -v '^0\.0\.0\.0' | grep -v 'your ip or first three Octets of /24' | grep -Ev '^(127(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}|10(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}|192\.168(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2}|172\.(1[6-9]|2[0-9]|3[01])(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2})(/|$)' > /var/tmp/feodo_tracker_botnet_c2_ip_blocklist.txt && mv /var/tmp/feodo_tracker_botnet_c2_ip_blocklist.txt /var/www/html/block_lists/feodo_tracker_botnet_c2_ip_blocklist.txt

For lists with CIDRs you would change the line

-Eo '([0-9]{1,3}\.){3}[0-9]{1,3}'

to

-Eo '([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}'

This also has some checks to look for your public IP space, and to remove RFC 1918 space and the null entry 0.0.0.0.
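
The filter stage of the cron job above, written out as a shell function, with a publish step that keeps the last good list when the download produces nothing. This is an added example, not part of the Reddit post; OWN_PREFIX, the function names and the sample feed are constructed for illustration.

```sh
#!/bin/sh
# Added example: the filter stage of the cron job as a function, plus a
# publish step that never replaces a good list with an empty one.
# OWN_PREFIX is a placeholder for your own public space (constructed value).
OWN_PREFIX='203.0.113.'

edl_filter() {   # feed on stdin, cleaned list on stdout
    # Extract IPv4 addresses, with an optional /prefix for CIDR lists.
    grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?' |
    awk -F'[./]' -v own="$OWN_PREFIX" '
        # Not a real address: octet above 255 or prefix length above 32.
        $1 > 255 || $2 > 255 || $3 > 255 || $4 > 255 { next }
        NF == 5 && $5 > 32 { next }
        # Null entries (including 0.0.0.0/0), loopback and RFC 1918 space.
        $1 == 0 || $1 == 127 || $1 == 10 { next }
        $1 == 192 && $2 == 168 { next }
        $1 == 172 && $2 >= 16 && $2 <= 31 { next }
        # Your own address space.
        own != "" && index($0, own) == 1 { next }
        # Print each surviving entry once.
        !seen[$0]++
    '
}

publish_edl() {   # usage: <feed> | publish_edl /path/to/list.txt
    dest=$1
    tmp=$(mktemp "$dest.XXXXXX") || return 1
    edl_filter > "$tmp"
    # Empty output means the download failed or the feed format changed.
    if [ ! -s "$tmp" ]; then
        rm -f "$tmp"
        return 1
    fi
    chmod 644 "$tmp"       # mktemp creates the file 0600
    mv "$tmp" "$dest"      # same directory, so the swap is a rename
}

sample_feed() {   # constructed sample input, not real feed data
    printf '%s\n' '# constructed sample' 198.51.100.7 0.0.0.0 10.1.2.3 \
        172.16.5.9 172.32.0.1 192.168.1.1 127.0.0.1 203.0.113.50 \
        999.1.1.1 192.0.2.0/24 0.0.0.0/0 198.51.100.7
}
```

From the sample feed only 198.51.100.7, 172.32.0.1 and 192.0.2.0/24 survive; the temporary file is created next to the destination so the web server never serves a half-written list.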
