{"Endpoints":{"https:19002":{"Firsttime":1766703917.0316572,"lasttime":1768979517.2013843,"paths":["/updates"],"port":"19002","protocol":"https","seen_in":[{"arch":"x64","beacon_ip":"222.221.20.14","beacon_port":"19002","config_hash":"1b161cf8c6ea13b334b54d7f36e7898fb0061102ac612f18e5b4247929eaace2","trial":false,"ts":1767049890.5221977,"version":"Unknown","watermark":1234567890},{"arch":"x64","beacon_ip":"222.221.20.14","beacon_port":"19002","config_hash":"813b13fe227a17d521f8a9f100cd999e86d1ed826ce6f9a619a2cedc898da2ed","trial":false,"ts":1767222472.7782896,"version":"Unknown","watermark":1234567890},{"arch":"x86","beacon_ip":"222.221.20.14","beacon_port":"19002","config_hash":"a980239d2a6c9f9e66df49ac419a197b716c7731344fcb0df672e5deff6fed49","trial":false,"ts":1767049888.586248,"version":"Cobalt Strike 4.4 (Aug 04, 2021)","watermark":1234567890},{"arch":"x86","beacon_ip":"222.221.20.14","beacon_port":"19002","config_hash":"8632c27df0a5a2b80d9e14ac8e5686eb6a6408c65c9bf56713e8818c692cf1bf","trial":false,"ts":1767222470.780259,"version":"Cobalt Strike 4.4 (Aug 04, 2021)","watermark":1234567890},{"arch":"x86","beacon_ip":"222.221.20.14","beacon_port":"19002","config_hash":"8d6abab14c8206f039e22d1b7dcbc1c5b5c092acafc346dd5f4534fc3e72536a","trial":false,"ts":1768979515.2390304,"version":"Cobalt Strike 4.4 (Aug 04, 2021)","watermark":1234567890},{"arch":"x64","beacon_ip":"222.221.20.14","beacon_port":"19002","config_hash":"cd4fc4b36427d4fec248ea571d16bb89b136e34868eeb3ff78d3fe0fbcb5de2b","trial":false,"ts":1768979517.2013843,"version":"Unknown","watermark":1234567890}],"submituris":["/hello/flash.php","/windebug/updcheck.php","/aero2/fly.php","/windowsxp/updcheck.php"],"urls":["https://222.221.20.14:19002/hello/flash.php","https://222.221.20.14:19002/updates/hello/flash.php","https://222.221.20.14:19002/updates/windebug/updcheck.php","https://222.221.20.14:19002/windebug/updcheck.php","https://222.221.20.14:19002/aero2/fly.php","https://222.221.20.14:19002/updates/aero2/fly.php","https://222.221.20.14:19002/updates/windowsxp/updcheck.php","https://222.221.20.14:19002/windowsxp/updcheck.php"]}},"Firsttime":1766703917.0316572,"Host":"222.221.20.14","IP":"222.221.20.14","IPs":["222.221.20.14"],"Paths":["/updates"],"Ports":["19002"],"Protocols":["https"],"SubmitURIs":["/hello/flash.php","/windebug/updcheck.php","/aero2/fly.php","/windowsxp/updcheck.php"],"URLs":["https://222.221.20.14:19002/hello/flash.php","https://222.221.20.14:19002/updates/hello/flash.php","https://222.221.20.14:19002/updates/windebug/updcheck.php","https://222.221.20.14:19002/windebug/updcheck.php","https://222.221.20.14:19002/aero2/fly.php","https://222.221.20.14:19002/updates/aero2/fly.php","https://222.221.20.14:19002/updates/windowsxp/updcheck.php","https://222.221.20.14:19002/windowsxp/updcheck.php"],"ip_enrichment":{"222.221.20.14":{"ASN":{"number":4134,"org":"CHINANET-BACKBONE No.31,Jin-rong Street"},"GEO":{"country":"CN","country_name":"China","lat":35.0,"lon":105.0},"first":1766703917.0316572,"last":1767222472.7782896,"meta":{"build_db":"2025-10-14 12:06:54","db_source":"GeoOpen-Country-ASN"},"source":"ip.circl.lu","updated":1767456639.1136649}},"lasttime":1768979517.2013843}