{"Endpoints":{"http:80":{"Firsttime":1765667340.323666,"lasttime":1765667351.3270624,"paths":["/static/jquery.min.js","/cdn/jquery-3.6.0.js"],"port":"80","protocol":"http","seen_in":[{"arch":"x64","beacon_ip":"216.126.224.115","beacon_port":"80","config_hash":"803d5716bccdbbbc6bb64352c74fc4acdcfa484f309df79de5f0ea59d7e7d9cc","trial":false,"ts":1765667351.3270624,"version":"Unknown","watermark":987654321},{"arch":"x86","beacon_ip":"216.126.224.115","beacon_port":"80","config_hash":"089b398349fa4e520e61dcc8976e3a9195b7f7d5814a1e7df0234b26117451f3","trial":false,"ts":1765667340.323666,"version":"Cobalt Strike 4.9 (Sep 19, 2023)","watermark":987654321}],"submituris":["/api/log"],"urls":["http://216.126.224.115:80/api/log","http://216.126.224.115:80/static/jquery.min.js/api/log","http://216.126.224.115:80/cdn/jquery-3.6.0.js/api/log"]},"https:443":{"Firsttime":1765667338.0678902,"lasttime":1765667339.1875052,"paths":["/cdn/jquery-3.6.0.js"],"port":"443","protocol":"https","seen_in":[{"arch":"x64","beacon_ip":"216.126.224.115","beacon_port":"443","config_hash":"774c594a063dbf92b13a4489f03d34050630b5facdc64ecbb01553e1be0a9d7d","trial":false,"ts":1765667339.1875052,"version":"Unknown","watermark":987654321},{"arch":"x86","beacon_ip":"216.126.224.115","beacon_port":"443","config_hash":"7e208d80cc9372bc0340af937381e21dff288e13533e4d05d72b3a7d207d2124","trial":false,"ts":1765667338.0678902,"version":"Cobalt Strike 4.9 (Sep 19, 2023)","watermark":987654321}],"submituris":["/api/event"],"urls":["https://216.126.224.115:443/api/event","https://216.126.224.115:443/cdn/jquery-3.6.0.js/api/event"]}},"Firsttime":1765667338.0678902,"Host":"216.126.224.115","IP":"216.126.224.115","IPs":["216.126.224.115"],"Paths":["/cdn/jquery-3.6.0.js","/static/jquery.min.js"],"Ports":["443","80"],"Protocols":["https","http"],"SubmitURIs":["/api/event","/api/log"],"URLs":["https://216.126.224.115:443/api/event","https://216.126.224.115:443/cdn/jquery-3.6.0.js/api/event","http://216.126.224.115:80/api/log","http://216.126.224.115:80/static/jquery.min.js/api/log","http://216.126.224.115:80/cdn/jquery-3.6.0.js/api/log"],"ip_enrichment":{"216.126.224.115":{"ASN":{"number":14956,"org":"ROUTERHOSTING"},"GEO":{"country":"US","country_name":"United States","lat":38.0,"lon":-97.0},"first":1765667338.0678902,"last":1765667351.3270624,"meta":{"build_db":"2025-10-14 12:06:54","db_source":"GeoOpen-Country-ASN"},"source":"ip.circl.lu","updated":1767456638.9715598}},"lasttime":1765667351.3270624}