{"Endpoints":{"http:80":{"Firsttime":1780437905.2470782,"lasttime":1781964334.341479,"paths":["/ptj","/push","/load","/g.pixel"],"port":"80","protocol":"http","seen_in":[{"arch":"x86","beacon_ip":"118.89.203.103","beacon_port":"80","config_hash":"19532b2c5c91c13965a2136e70962b3e96cb5e4f99565c908612d354c2a86c97","trial":false,"ts":1780582025.529045,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x64","beacon_ip":"118.89.203.103","beacon_port":"80","config_hash":"f3fea857495068da27ef6af8487b4bee08798998ae1cafa43f57417a6445b436","trial":false,"ts":1780582027.073938,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x86","beacon_ip":"118.89.203.103","beacon_port":"80","config_hash":"1ce2d1894f8203fb1a99c93875c43708822b9669cd7f3ee45808504b1231bdc5","trial":false,"ts":1781964332.236503,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x64","beacon_ip":"118.89.203.103","beacon_port":"80","config_hash":"69b1bc7f71df36612cd99bbc28ee29e3a391c78619ded819dc1a4c60291ba280","trial":false,"ts":1781964334.341479,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321}],"submituris":["/submit.php"],"urls":["http://118.89.203.103:80/ptj/submit.php","http://118.89.203.103:80/submit.php","http://118.89.203.103:80/push/submit.php","http://118.89.203.103:80/load/submit.php","http://118.89.203.103:80/g.pixel/submit.php"]},"http:9999":{"Firsttime":1781445907.0506122,"lasttime":1782252355.2732902,"paths":["/load","/activity"],"port":"9999","protocol":"http","seen_in":[{"arch":"x86","beacon_ip":"118.89.203.103","beacon_port":"9999","config_hash":"f7732dbcefe66410d0837a5f06173f9d8eb226a710f44d94657352570567fd25","trial":false,"ts":1782252351.693918,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321},{"arch":"x64","beacon_ip":"118.89.203.103","beacon_port":"9999","config_hash":"fc0c967ef2e6efd4ebc24fa00f1169351d170020d72b38128dc124090636097e","trial":false,"ts":1782252355.2732902,"version":"Cobalt Strike 4.8 (Feb 28, 2023)","watermark":987654321}],"submituris":["/submit.php"],"urls":["http://118.89.203.103:9999/load/submit.php","http://118.89.203.103:9999/submit.php","http://118.89.203.103:9999/activity/submit.php"]}},"Firsttime":1780437905.2470782,"Host":"118.89.203.103","IP":"118.89.203.103","IPs":["118.89.203.103"],"Paths":["/ptj","/push","/load","/g.pixel","/activity"],"Ports":["80","9999"],"Protocols":["http"],"SubmitURIs":["/submit.php"],"URLs":["http://118.89.203.103:80/ptj/submit.php","http://118.89.203.103:80/submit.php","http://118.89.203.103:80/push/submit.php","http://118.89.203.103:80/load/submit.php","http://118.89.203.103:80/g.pixel/submit.php","http://118.89.203.103:9999/load/submit.php","http://118.89.203.103:9999/submit.php","http://118.89.203.103:9999/activity/submit.php"],"ip_enrichment":{"118.89.203.103":{"ASN":{"number":45090,"org":"TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited"},"GEO":{"country":"CN","country_name":"China","lat":35.0,"lon":105.0},"first":1780437905.2470782,"last":1780437907.0520165,"meta":{"build_db":"2025-10-14 12:06:54","db_source":"GeoOpen-Country-ASN"},"source":"ip.circl.lu","updated":1780438035.0037038}},"lasttime":1782252355.2732902}