C2
Key: google.dns-1.help · Resolved IP: 8.219.158.30
CN / AS45102 / ALIBABA-CN-NET Alibaba US Technology Co., Ltd.
Protocols: https, http · Ports: 443, 80
First view: 2026-06-10 00:05:37 CEST · Last view: 2026-06-11 16:06:45 CEST
CN / AS45102 / ALIBABA-CN-NET Alibaba US Technology Co., Ltd.
Protocols: https, http · Ports: 443, 80
First view: 2026-06-10 00:05:37 CEST · Last view: 2026-06-11 16:06:45 CEST
Endpoints
| ID | Protocol | Port | First view | Last view | SubmitURIs | Paths | URLs | Seen in |
|---|---|---|---|---|---|---|---|---|
| http:80 | http | 80 | 2026-06-10 16:05:56 CEST | 2026-06-11 16:06:06 CEST | /submit.php | /match, /__utm.gif |
3
sample
|
2 |
| https:443 | https | 443 | 2026-06-10 00:05:37 CEST | 2026-06-11 16:06:45 CEST | /submit.php | /dot.gif, /j.ad |
3
sample
|
2 |
Raw JSON
{
"Endpoints": {
"http:80": {
"Firsttime": 1781100356.2597606,
"lasttime": 1781186766.1394832,
"paths": [
"/match",
"/__utm.gif"
],
"port": "80",
"protocol": "http",
"seen_in": [
{
"arch": "x86",
"beacon_ip": "8.219.158.30",
"beacon_port": "80",
"config_hash": "7784a2bae745a3612506f1a519198408384e4134e7043f08391f767211d80441",
"trial": false,
"ts": 1781186764.4934742,
"version": "Cobalt Strike 4.9 (Sep 19, 2023)",
"watermark": 666666666
},
{
"arch": "x64",
"beacon_ip": "8.219.158.30",
"beacon_port": "80",
"config_hash": "25d9a952e932fa270e7ab0223b7f511552c2571c4c0fd67b96b4b55c6d5a647c",
"trial": false,
"ts": 1781186766.1394832,
"version": "Cobalt Strike 4.9 (Sep 19, 2023)",
"watermark": 666666666
}
],
"submituris": [
"/submit.php"
],
"urls": [
"http://google.dns-1.help:80/match/submit.php",
"http://google.dns-1.help:80/submit.php",
"http://google.dns-1.help:80/__utm.gif/submit.php"
]
},
"https:443": {
"Firsttime": 1781042737.2872818,
"lasttime": 1781186805.457044,
"paths": [
"/dot.gif",
"/j.ad"
],
"port": "443",
"protocol": "https",
"seen_in": [
{
"arch": "x86",
"beacon_ip": "8.219.158.30",
"beacon_port": "443",
"config_hash": "a075f7f961d7e6608caa15d9ae6bc177b12c4b13a0af7248aab7d9ff52656139",
"trial": false,
"ts": 1781186803.9693267,
"version": "Cobalt Strike 4.9 (Sep 19, 2023)",
"watermark": 666666666
},
{
"arch": "x64",
"beacon_ip": "8.219.158.30",
"beacon_port": "443",
"config_hash": "a749298f8026d2a14666c8db25aee2153578616a67b884d307fefcae8ca61a7e",
"trial": false,
"ts": 1781186805.457044,
"version": "Cobalt Strike 4.9 (Sep 19, 2023)",
"watermark": 666666666
}
],
"submituris": [
"/submit.php"
],
"urls": [
"https://google.dns-1.help:443/dot.gif/submit.php",
"https://google.dns-1.help:443/submit.php",
"https://google.dns-1.help:443/j.ad/submit.php"
]
}
},
"Firsttime": 1781042737.2872818,
"Host": "google.dns-1.help",
"IP": "8.219.158.30",
"IPs": [
"8.219.158.30"
],
"Paths": [
"/dot.gif",
"/j.ad",
"/match",
"/__utm.gif"
],
"Ports": [
"443",
"80"
],
"Protocols": [
"https",
"http"
],
"SubmitURIs": [
"/submit.php"
],
"URLs": [
"https://google.dns-1.help:443/dot.gif/submit.php",
"https://google.dns-1.help:443/submit.php",
"https://google.dns-1.help:443/j.ad/submit.php",
"http://google.dns-1.help:80/match/submit.php",
"http://google.dns-1.help:80/submit.php",
"http://google.dns-1.help:80/__utm.gif/submit.php"
],
"ip_enrichment": {
"8.219.158.30": {
"ASN": {
"number": 45102,
"org": "ALIBABA-CN-NET Alibaba US Technology Co., Ltd."
},
"GEO": {
"country": "CN",
"country_name": "China",
"lat": 35.0,
"lon": 105.0
},
"first": 1781042737.2872818,
"last": 1781042739.2653115,
"meta": {
"build_db": "2025-10-14 12:06:54",
"db_source": "GeoOpen-Country-ASN"
},
"source": "ip.circl.lu",
"updated": 1781042835.155175
}
},
"lasttime": 1781186805.457044
}