I see this countless time which bothers me to no end. For example, this company posted their documentation about the Emotet malware found here: https://cert.grnet.gr/en/blog/reverse-engineering-emotet/
While scrolling through, they show some code but censor the URL the malware uses to contact home: https://i.imgur.com/ZOwtfuM.png
Its an act ive seen for years and I never understood why. Wouldnt you want researchers to know the IP address and/or domains so they can be inspected more than the original authors may have missed?