{"Endpoints":{"http:8888":{"Firsttime":1774821920.139451,"lasttime":1779861932.9241748,"paths":["/pixel","/cx","/__utm.gif","/fwlink"],"port":"8888","protocol":"http","seen_in":[{"arch":"x86","beacon_ip":"47.120.20.86","beacon_port":"8888","config_hash":"7ea73bbac8cf02715e7cf20911385f27e38bc06ecce20d344500cd262418b000","trial":false,"ts":1774879551.056277,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x64","beacon_ip":"47.120.20.86","beacon_port":"8888","config_hash":"e14fc62b99159f04a2a97cc6939578299e662c6ace931e31aa705482f1c0fd57","trial":false,"ts":1774879564.056233,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x86","beacon_ip":"47.120.20.86","beacon_port":"8888","config_hash":"f3a88167613a89d5d317dd957e7fa8bc27e79f29fca45c7e89abfd9454eec3ed","trial":false,"ts":1779861930.7556167,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x64","beacon_ip":"47.120.20.86","beacon_port":"8888","config_hash":"a5859e23a068bc408662eec8f576554698d59f3e4d59269efb9cfc590ab59b02","trial":false,"ts":1779861932.9241748,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321}],"submituris":["/submit.php"],"urls":["http://47.120.20.86:8888/pixel/submit.php","http://47.120.20.86:8888/submit.php","http://47.120.20.86:8888/cx/submit.php","http://47.120.20.86:8888/__utm.gif/submit.php","http://47.120.20.86:8888/fwlink/submit.php"]},"https:8443":{"Firsttime":1774393504.7692358,"lasttime":1779718077.4460278,"paths":["/ga.js","/ca","/activity"],"port":"8443","protocol":"https","seen_in":[{"arch":"x86","beacon_ip":"47.120.20.86","beacon_port":"8443","config_hash":"9699e821aaa07ed901328d035a462accdc6557d78e5101f4947c8fadb2371a29","trial":false,"ts":1774537568.468987,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x64","beacon_ip":"47.120.20.86","beacon_port":"8443","config_hash":"ea2b260e6b0874706bbb3af9d6c08a44f68ce7fd1fe707d9d3ce5b439b6a2c41","trial":false,"ts":1774537572.0144632,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x86","beacon_ip":"47.120.20.86","beacon_port":"8443","config_hash":"f7da6b368edfbd49f3d3d042bcebc310d1ce102fb424b9e023e242a1389d4bb2","trial":false,"ts":1779718075.3692245,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x64","beacon_ip":"47.120.20.86","beacon_port":"8443","config_hash":"6bf9b08a20dad0f4c67005e03eb0c46d6c48777d8b37aa9c1279426e3eb73e84","trial":false,"ts":1779718077.4460278,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321}],"submituris":["/submit.php"],"urls":["https://47.120.20.86:8443/ga.js/submit.php","https://47.120.20.86:8443/submit.php","https://47.120.20.86:8443/ca/submit.php","https://47.120.20.86:8443/activity/submit.php"]}},"Firsttime":1774393504.7692358,"Host":"47.120.20.86","IP":"47.120.20.86","IPs":["47.120.20.86"],"Paths":["/ga.js","/ca","/pixel","/cx","/activity","/__utm.gif","/fwlink"],"Ports":["8443","8888"],"Protocols":["https","http"],"SubmitURIs":["/submit.php"],"URLs":["https://47.120.20.86:8443/ga.js/submit.php","https://47.120.20.86:8443/submit.php","https://47.120.20.86:8443/ca/submit.php","http://47.120.20.86:8888/pixel/submit.php","http://47.120.20.86:8888/submit.php","http://47.120.20.86:8888/cx/submit.php","https://47.120.20.86:8443/activity/submit.php","http://47.120.20.86:8888/__utm.gif/submit.php","http://47.120.20.86:8888/fwlink/submit.php"],"ip_enrichment":{"47.120.20.86":{"ASN":{"number":37963,"org":"ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd."},"GEO":{"country":"CN","country_name":"China","lat":35.0,"lon":105.0},"first":1774393504.7692358,"last":1774393506.689917,"meta":{"build_db":"2025-10-14 12:06:54","db_source":"GeoOpen-Country-ASN"},"source":"ip.circl.lu","updated":1774393555.1298466}},"lasttime":1779861932.9241748}