C2
Key: 120.55.75.154 · Resolved IP: 120.55.75.154
Protocols: http, https · Ports: 80, 443
First view: 2026-01-29 16:09:02 CET · Last view: 2026-02-02 00:09:58 CET
Endpoints
| ID |
Protocole |
Port |
First view |
Last view |
SubmitURIs |
Paths |
URLs |
Seen in |
| http:80 |
http |
80 |
2026-01-29 16:09:02 CET |
2026-02-01 16:11:08 CET |
/submit.php |
/ca, /fwlink |
3
Sample
- http://120.55.75.154:80/ca/submit.php
- http://120.55.75.154:80/submit.php
- http://120.55.75.154:80/fwlink/submit.php
|
2
hashes
|
| https:443 |
https |
443 |
2026-01-29 16:09:13 CET |
2026-02-02 00:09:58 CET |
/submit.php |
/push, /dot.gif |
3
Sample
- https://120.55.75.154:443/push/submit.php
- https://120.55.75.154:443/submit.php
- https://120.55.75.154:443/dot.gif/submit.php
|
2
hashes
|
{
"Endpoints": {
"http:80": {
"Firsttime": 1769699342.8963854,
"lasttime": 1769958668.7458541,
"paths": [
"/ca",
"/fwlink"
],
"port": "80",
"protocol": "http",
"seen_in": [
{
"arch": "x86",
"beacon_ip": "120.55.75.154",
"beacon_port": "80",
"config_hash": "7fae0b5212ff1cc4c7819515c08972dcf03589a811eb510ee498077401121150",
"trial": false,
"ts": 1769958666.8195958,
"version": "Cobalt Strike 4.8 (Feb 28, 2023)",
"watermark": 987654321
},
{
"arch": "x64",
"beacon_ip": "120.55.75.154",
"beacon_port": "80",
"config_hash": "afbbcd556750dad5c0bf846c491efbe275c27322faef6e7d0d25efc0f786b856",
"trial": false,
"ts": 1769958668.7458541,
"version": "Cobalt Strike 4.8 (Feb 28, 2023)",
"watermark": 987654321
}
],
"submituris": [
"/submit.php"
],
"urls": [
"http://120.55.75.154:80/ca/submit.php",
"http://120.55.75.154:80/submit.php",
"http://120.55.75.154:80/fwlink/submit.php"
]
},
"https:443": {
"Firsttime": 1769699353.217451,
"lasttime": 1769987398.9478583,
"paths": [
"/push",
"/dot.gif"
],
"port": "443",
"protocol": "https",
"seen_in": [
{
"arch": "x86",
"beacon_ip": "120.55.75.154",
"beacon_port": "443",
"config_hash": "8bc50cf209c69b8b8e8d89bb484b002cc18dc0defb8c033eee068c8d89f148fb",
"trial": false,
"ts": 1769987397.2657483,
"version": "Cobalt Strike 4.8 (Feb 28, 2023)",
"watermark": 987654321
},
{
"arch": "x64",
"beacon_ip": "120.55.75.154",
"beacon_port": "443",
"config_hash": "3b68c89ea6b37a20ce4ba57c59eae825c94468728c9869c668b41906ca5d4741",
"trial": false,
"ts": 1769987398.9478583,
"version": "Cobalt Strike 4.8 (Feb 28, 2023)",
"watermark": 987654321
}
],
"submituris": [
"/submit.php"
],
"urls": [
"https://120.55.75.154:443/push/submit.php",
"https://120.55.75.154:443/submit.php",
"https://120.55.75.154:443/dot.gif/submit.php"
]
}
},
"Firsttime": 1769699342.8963854,
"Host": "120.55.75.154",
"IP": "120.55.75.154",
"IPs": [
"120.55.75.154"
],
"Paths": [
"/ca",
"/fwlink",
"/push",
"/dot.gif"
],
"Ports": [
"80",
"443"
],
"Protocols": [
"http",
"https"
],
"SubmitURIs": [
"/submit.php"
],
"URLs": [
"http://120.55.75.154:80/ca/submit.php",
"http://120.55.75.154:80/submit.php",
"http://120.55.75.154:80/fwlink/submit.php",
"https://120.55.75.154:443/push/submit.php",
"https://120.55.75.154:443/submit.php",
"https://120.55.75.154:443/dot.gif/submit.php"
],
"ip_enrichment": {
"120.55.75.154": {
"ASN": {
"number": 37963,
"org": "ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd."
},
"GEO": {
"country": "CN",
"country_name": "China",
"lat": 35.0,
"lon": 105.0
},
"first": 1769699342.8963854,
"last": 1769699355.217175,
"meta": {
"build_db": "2025-10-14 12:06:54",
"db_source": "GeoOpen-Country-ASN"
},
"source": "ip.circl.lu",
"updated": 1769699760.461547
}
},
"lasttime": 1769987398.9478583
}