{"Endpoints":{"http:80":{"Firsttime":1773961533.0408342,"lasttime":1775155476.8896801,"paths":["/updates.rss","/ga.js"],"port":"80","protocol":"http","seen_in":[{"arch":"x86","beacon_ip":"140.143.194.253","beacon_port":"80","config_hash":"976f3aa3a45c7bcf0a1d790b6dc20850370bf8288f8aa27a2b8ff37aeed3ee93","trial":false,"ts":1775155473.3026223,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x64","beacon_ip":"140.143.194.253","beacon_port":"80","config_hash":"f21e629b7dd4457237347e8cdd495bf4640abcf552c7d54a939102a6ac6e77d8","trial":false,"ts":1775155476.8896801,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321}],"submituris":["/submit.php"],"urls":["http://140.143.194.253:80/submit.php","http://140.143.194.253:80/updates.rss/submit.php","http://140.143.194.253:80/ga.js/submit.php"]},"https:443":{"Firsttime":1773932713.5341907,"lasttime":1775311743.7082725,"paths":["/match","/fwlink"],"port":"443","protocol":"https","seen_in":[{"arch":"x86","beacon_ip":"140.143.194.253","beacon_port":"443","config_hash":"2ed18af9932d759046be083b2f2b115c1153995b3f9ae6d9e4a7b2c8ce31d9ef","trial":false,"ts":1775311738.4547987,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x64","beacon_ip":"140.143.194.253","beacon_port":"443","config_hash":"708d6a0768f34fb9eba5eb01de1e394fa2ca93bbd12818e7c5ad010bf2a48395","trial":false,"ts":1775311743.7082725,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321}],"submituris":["/submit.php"],"urls":["https://140.143.194.253:443/match/submit.php","https://140.143.194.253:443/submit.php","https://140.143.194.253:443/fwlink/submit.php"]}},"Firsttime":1773932713.5341907,"Host":"140.143.194.253","IP":"140.143.194.253","IPs":["140.143.194.253"],"Paths":["/match","/fwlink","/updates.rss","/ga.js"],"Ports":["443","80"],"Protocols":["https","http"],"SubmitURIs":["/submit.php"],"URLs":["https://140.143.194.253:443/match/submit.php","https://140.143.194.253:443/submit.php","https://140.143.194.253:443/fwlink/submit.php","http://140.143.194.253:80/submit.php","http://140.143.194.253:80/updates.rss/submit.php","http://140.143.194.253:80/ga.js/submit.php"],"ip_enrichment":{"140.143.194.253":{"ASN":{"number":45090,"org":"TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited"},"GEO":{"country":"CN","country_name":"China","lat":35.0,"lon":105.0},"first":1773932713.5341907,"last":1773932716.2287421,"meta":{"build_db":"2025-10-14 12:06:54","db_source":"GeoOpen-Country-ASN"},"source":"ip.circl.lu","updated":1773932803.7678776}},"lasttime":1775311743.7082725}