{"Endpoints":{"http:8443":{"Firsttime":1765303877.8666372,"lasttime":1765303880.8829138,"paths":["/j.ad","/cx"],"port":"8443","protocol":"http","seen_in":[{"arch":"x64","beacon_ip":"117.72.199.157","beacon_port":"8443","config_hash":"0f45dc86f6e1b3982867f3d108c230909ef91ccef58453dece59010495103f61","trial":false,"ts":1765303880.8829138,"version":"Cobalt Strike 4.9 (Sep 19, 2023)","watermark":666666666},{"arch":"x86","beacon_ip":"117.72.199.157","beacon_port":"8443","config_hash":"94cf07826bb7e9fe53d64c766ae7febe258404e01ea3650ecc4e14849d6d931e","trial":false,"ts":1765303877.8666372,"version":"Cobalt Strike 4.9 (Sep 19, 2023)","watermark":666666666}],"submituris":["/submit.php"],"urls":["http://117.72.199.157:8443/j.ad/submit.php","http://117.72.199.157:8443/submit.php","http://117.72.199.157:8443/cx/submit.php"]},"https:7443":{"Firsttime":1765303874.586875,"lasttime":1765303876.4531152,"paths":["/dot.gif","/activity"],"port":"7443","protocol":"https","seen_in":[{"arch":"x64","beacon_ip":"117.72.199.157","beacon_port":"7443","config_hash":"71573a666ab64b53fa55f8bb4f74417afc3cf7c3e44ac85bfd7aefacf9cfc9f5","trial":false,"ts":1765303876.4531152,"version":"Cobalt Strike 4.9 (Sep 19, 2023)","watermark":666666666},{"arch":"x86","beacon_ip":"117.72.199.157","beacon_port":"7443","config_hash":"80da03c573e938bff2aaab53b3465e524684c71f50fa2344e20487c09230089f","trial":false,"ts":1765303874.586875,"version":"Cobalt Strike 4.9 (Sep 19, 2023)","watermark":666666666}],"submituris":["/submit.php"],"urls":["https://117.72.199.157:7443/dot.gif/submit.php","https://117.72.199.157:7443/submit.php","https://117.72.199.157:7443/activity/submit.php"]}},"Firsttime":1765303874.586875,"Host":"117.72.199.157","IP":"117.72.199.157","IPs":["117.72.199.157"],"Paths":["/dot.gif","/activity","/j.ad","/cx"],"Ports":["7443","8443"],"Protocols":["https","http"],"SubmitURIs":["/submit.php"],"URLs":["https://117.72.199.157:7443/dot.gif/submit.php","https://117.72.199.157:7443/submit.php","https://117.72.199.157:7443/activity/submit.php","http://117.72.199.157:8443/j.ad/submit.php","http://117.72.199.157:8443/submit.php","http://117.72.199.157:8443/cx/submit.php"],"ip_enrichment":{"117.72.199.157":{"ASN":{"number":141679,"org":"CHINATELECOM-IDC-BTHBD-AP China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch"},"GEO":{"country":"CN","country_name":"China","lat":35.0,"lon":105.0},"first":1765303874.586875,"last":1765303880.8829138,"meta":{"build_db":"2025-10-14 12:06:54","db_source":"GeoOpen-Country-ASN"},"source":"ip.circl.lu","updated":1767456638.6519413}},"lasttime":1765303880.8829138}