{"Endpoints":{"http:8080":{"Firsttime":1780697112.145941,"lasttime":1780841372.9442575,"paths":["/cm","/ca"],"port":"8080","protocol":"http","seen_in":[{"arch":"x86","beacon_ip":"38.14.248.138","beacon_port":"8080","config_hash":"4da1373addd6169c109d6d674dd05c0428f469b7d8bc630223abf753153eead8","trial":false,"ts":1780841361.7480655,"version":"Cobalt Strike 4.3 (Mar 03, 2021)","watermark":426352781},{"arch":"x64","beacon_ip":"38.14.248.138","beacon_port":"8080","config_hash":"f4e544c935b6e3a41e22f08c4d0f578ab8d07d7ef8c8e2891924512f520baeb2","trial":false,"ts":1780841372.9442575,"version":"Cobalt Strike 4.3 (Mar 03, 2021)","watermark":426352781}],"submituris":["/submit.php"],"urls":["http://38.14.248.138:8080/cm/submit.php","http://38.14.248.138:8080/submit.php","http://38.14.248.138:8080/ca/submit.php"]},"https:8085":{"Firsttime":1780985104.3962755,"lasttime":1781071598.547887,"paths":["/pixel.gif","/fwlink"],"port":"8085","protocol":"https","seen_in":[{"arch":"x86","beacon_ip":"38.14.248.138","beacon_port":"8085","config_hash":"10b8cce542bbf5e535cfaf3322c24d95488a9def279ecea2ccf3e524e7157915","trial":false,"ts":1781071597.005406,"version":"Cobalt Strike 4.3 (Mar 03, 2021)","watermark":426352781},{"arch":"x64","beacon_ip":"38.14.248.138","beacon_port":"8085","config_hash":"c928e4dfa1e7d0c102defd428cd5d773fd0f8263e71c82ffbdd7d7ca0a643e25","trial":false,"ts":1781071598.547887,"version":"Cobalt Strike 4.3 (Mar 03, 2021)","watermark":426352781}],"submituris":["/submit.php"],"urls":["https://38.14.248.138:8085/pixel.gif/submit.php","https://38.14.248.138:8085/submit.php","https://38.14.248.138:8085/fwlink/submit.php"]}},"Firsttime":1780697112.145941,"Host":"38.14.248.138","IP":"38.14.248.138","IPs":["38.14.248.138"],"Paths":["/cm","/ca","/pixel.gif","/fwlink"],"Ports":["8080","8085"],"Protocols":["http","https"],"SubmitURIs":["/submit.php"],"URLs":["http://38.14.248.138:8080/cm/submit.php","http://38.14.248.138:8080/submit.php","http://38.14.248.138:8080/ca/submit.php","https://38.14.248.138:8085/pixel.gif/submit.php","https://38.14.248.138:8085/submit.php","https://38.14.248.138:8085/fwlink/submit.php"],"ip_enrichment":{"38.14.248.138":{"ASN":{"number":400619,"org":"AROSS-AS"},"GEO":{"country":"US","country_name":"United States","lat":38.0,"lon":-97.0},"first":1780697112.145941,"last":1780697116.4680996,"meta":{"build_db":"2025-10-14 12:06:54","db_source":"GeoOpen-Country-ASN"},"source":"ip.circl.lu","updated":1780697163.4539654}},"lasttime":1781071598.547887}