{"Endpoints":{"http:80":{"Firsttime":1778565912.0965352,"lasttime":1781100476.9539933,"paths":["/push","/dot.gif"],"port":"80","protocol":"http","seen_in":[{"arch":"x86","beacon_ip":"124.220.6.158","beacon_port":"80","config_hash":"1277129ae212182899e401b5715201b575459668485a4c2878ad9290c776f7eb","trial":false,"ts":1781100475.3138146,"version":"Cobalt Strike 4.9 (Sep 19, 2023)","watermark":666666666},{"arch":"x64","beacon_ip":"124.220.6.158","beacon_port":"80","config_hash":"d27cbb18813f6cf0a2c0daf0ab6188510e6ea9b2c452b669cb4c7763b2129321","trial":false,"ts":1781100476.9539933,"version":"Cobalt Strike 4.9 (Sep 19, 2023)","watermark":666666666}],"submituris":["/submit.php"],"urls":["http://124.220.6.158:80/push/submit.php","http://124.220.6.158:80/submit.php","http://124.220.6.158:80/dot.gif/submit.php"]},"https:443":{"Firsttime":1778767556.1669812,"lasttime":1781330722.8143084,"paths":["/IE9CompatViewList.xml","/load"],"port":"443","protocol":"https","seen_in":[{"arch":"x86","beacon_ip":"124.220.6.158","beacon_port":"443","config_hash":"1285064c473243272258884cd8c4bda715bd2b9d55c09a78cf7d63aba00d3690","trial":false,"ts":1781330720.3434126,"version":"Cobalt Strike 4.9 (Sep 19, 2023)","watermark":666666666},{"arch":"x64","beacon_ip":"124.220.6.158","beacon_port":"443","config_hash":"c90112f045d29c1dd307883947df31179d132fac9d052c29f40ce65c828ef4ef","trial":false,"ts":1781330722.8143084,"version":"Cobalt Strike 4.9 (Sep 19, 2023)","watermark":666666666}],"submituris":["/submit.php"],"urls":["https://124.220.6.158:443/IE9CompatViewList.xml/submit.php","https://124.220.6.158:443/submit.php","https://124.220.6.158:443/load/submit.php"]}},"Firsttime":1778565912.0965352,"Host":"124.220.6.158","IP":"124.220.6.158","IPs":["124.220.6.158"],"Paths":["/push","/dot.gif","/IE9CompatViewList.xml","/load"],"Ports":["80","443"],"Protocols":["http","https"],"SubmitURIs":["/submit.php"],"URLs":["http://124.220.6.158:80/push/submit.php","http://124.220.6.158:80/submit.php","http://124.220.6.158:80/dot.gif/submit.php","https://124.220.6.158:443/IE9CompatViewList.xml/submit.php","https://124.220.6.158:443/submit.php","https://124.220.6.158:443/load/submit.php"],"ip_enrichment":{"124.220.6.158":{"ASN":{"number":45090,"org":"TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited"},"GEO":{"country":"CN","country_name":"China","lat":35.0,"lon":105.0},"first":1778565912.0965352,"last":1778565914.1321902,"meta":{"build_db":"2025-10-14 12:06:54","db_source":"GeoOpen-Country-ASN"},"source":"ip.circl.lu","updated":1778566535.616198}},"lasttime":1781330722.8143084}