C2
Key: 114.132.251.233 · Resolved IP: 114.132.251.233
CN / AS45090 / TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited
Protocols: http, https · Ports: 5001, 5003, 5002
First view: 2026-03-18 16:05:05 CET · Last view: 2026-04-11 08:06:04 CEST
CN / AS45090 / TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited
Protocols: http, https · Ports: 5001, 5003, 5002
First view: 2026-03-18 16:05:05 CET · Last view: 2026-04-11 08:06:04 CEST
Endpoints
| ID | Protocol | Port | First view | Last view | SubmitURIs | Paths | URLs | Seen in |
|---|---|---|---|---|---|---|---|---|
| http:5001 | http | 5001 | 2026-03-18 16:05:05 CET | 2026-04-11 08:06:04 CEST | /submit.php | /en_US/all.js, /updates.rss |
3
sample
|
2 |
| http:5002 | http | 5002 | 2026-04-08 00:05:12 CEST | 2026-04-08 16:05:27 CEST | /submit.php | /activity, /j.ad |
3
sample
|
2 |
| https:5003 | https | 5003 | 2026-03-21 00:05:05 CET | 2026-04-03 16:08:56 CEST | /submit.php | /__utm.gif, /g.pixel |
3
sample
|
2 |
Raw JSON
{
"Endpoints": {
"http:5001": {
"Firsttime": 1773846305.3305423,
"lasttime": 1775887564.332117,
"paths": [
"/en_US/all.js",
"/updates.rss"
],
"port": "5001",
"protocol": "http",
"seen_in": [
{
"arch": "x86",
"beacon_ip": "114.132.251.233",
"beacon_port": "5001",
"config_hash": "c69ce97d2751ad1e444aed271089aad2aad6a44ef7409f84daf05f0770141f15",
"trial": false,
"ts": 1775887562.530625,
"version": "Cobalt Strike 4.9 (Sep 19, 2023)",
"watermark": 666666666
},
{
"arch": "x64",
"beacon_ip": "114.132.251.233",
"beacon_port": "5001",
"config_hash": "5f4f36bae3a6c559dc59d7e529c6442c36eaf7c866f8b8f20ca8e5807cdef570",
"trial": false,
"ts": 1775887564.332117,
"version": "Cobalt Strike 4.9 (Sep 19, 2023)",
"watermark": 666666666
}
],
"submituris": [
"/submit.php"
],
"urls": [
"http://114.132.251.233:5001/en_US/all.js/submit.php",
"http://114.132.251.233:5001/submit.php",
"http://114.132.251.233:5001/updates.rss/submit.php"
]
},
"http:5002": {
"Firsttime": 1775599512.1768444,
"lasttime": 1775657127.8119287,
"paths": [
"/activity",
"/j.ad"
],
"port": "5002",
"protocol": "http",
"seen_in": [
{
"arch": "x86",
"beacon_ip": "114.132.251.233",
"beacon_port": "5002",
"config_hash": "22a326bb5db97c342fca9ace3272d2e2f152d248af24509b017b63aed6b585c3",
"trial": false,
"ts": 1775657119.0735285,
"version": "Cobalt Strike 4.9 (Sep 19, 2023)",
"watermark": 666666666
},
{
"arch": "x64",
"beacon_ip": "114.132.251.233",
"beacon_port": "5002",
"config_hash": "47416c897f26f1a5b6cf319503d3df19d5587b8a8bc655ee4480acaa957fe502",
"trial": false,
"ts": 1775657127.8119287,
"version": "Cobalt Strike 4.9 (Sep 19, 2023)",
"watermark": 666666666
}
],
"submituris": [
"/submit.php"
],
"urls": [
"http://114.132.251.233:5002/activity/submit.php",
"http://114.132.251.233:5002/submit.php",
"http://114.132.251.233:5002/j.ad/submit.php"
]
},
"https:5003": {
"Firsttime": 1774047905.3938487,
"lasttime": 1775225336.136964,
"paths": [
"/__utm.gif",
"/g.pixel"
],
"port": "5003",
"protocol": "https",
"seen_in": [
{
"arch": "x86",
"beacon_ip": "114.132.251.233",
"beacon_port": "5003",
"config_hash": "b29a7bcedb9e36825884823922ef76fae917e71b3801e62c48d9aeab42d8ad54",
"trial": false,
"ts": 1775225334.1424553,
"version": "Cobalt Strike 4.9 (Sep 19, 2023)",
"watermark": 666666666
},
{
"arch": "x64",
"beacon_ip": "114.132.251.233",
"beacon_port": "5003",
"config_hash": "96c8debd0eb92cd35e9134966ac70ab1e03f4edf5c51bb7fa2ac5073bda231a9",
"trial": false,
"ts": 1775225336.136964,
"version": "Cobalt Strike 4.9 (Sep 19, 2023)",
"watermark": 666666666
}
],
"submituris": [
"/submit.php"
],
"urls": [
"https://114.132.251.233:5003/__utm.gif/submit.php",
"https://114.132.251.233:5003/submit.php",
"https://114.132.251.233:5003/g.pixel/submit.php"
]
}
},
"Firsttime": 1773846305.3305423,
"Host": "114.132.251.233",
"IP": "114.132.251.233",
"IPs": [
"114.132.251.233"
],
"Paths": [
"/en_US/all.js",
"/updates.rss",
"/__utm.gif",
"/g.pixel",
"/activity",
"/j.ad"
],
"Ports": [
"5001",
"5003",
"5002"
],
"Protocols": [
"http",
"https"
],
"SubmitURIs": [
"/submit.php"
],
"URLs": [
"http://114.132.251.233:5001/en_US/all.js/submit.php",
"http://114.132.251.233:5001/submit.php",
"http://114.132.251.233:5001/updates.rss/submit.php",
"https://114.132.251.233:5003/__utm.gif/submit.php",
"https://114.132.251.233:5003/submit.php",
"https://114.132.251.233:5003/g.pixel/submit.php",
"http://114.132.251.233:5002/activity/submit.php",
"http://114.132.251.233:5002/submit.php",
"http://114.132.251.233:5002/j.ad/submit.php"
],
"ip_enrichment": {
"114.132.251.233": {
"ASN": {
"number": 45090,
"org": "TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited"
},
"GEO": {
"country": "CN",
"country_name": "China",
"lat": 35.0,
"lon": 105.0
},
"first": 1773846305.3305423,
"last": 1773846307.5301206,
"meta": {
"build_db": "2025-10-14 12:06:54",
"db_source": "GeoOpen-Country-ASN"
},
"source": "ip.circl.lu",
"updated": 1773846356.856718
}
},
"lasttime": 1775887564.332117
}